Sr. It Security Analyst

Location

Senior IT Security Analyst

Summary

The Senior IT Security Analyst is the main liaison between Information Security and other departments and is responsible for coordinating the activities associated with both new and existing security systems.
Provides guidance to the existing Security Analyst, leads alert response/investigations, and aligns systems with established best practices, regulations, and security standards. Responsible for existing and new physical technical security projects. Subject matter expert responsible for the technical and administrative activities related to monitoring and testing the security of the client's computer environment. Reviews existing security tools and proposes enhancements to maintain a high level of data integrity and security. Position is involved in all areas of Information Security and will have access to confidential information through privileged user accounts, audits, and other security efforts.

Core Responsibilities
This list is not intended to be inclusive but to provide an understanding of the overall job function:

• Review third party vendor security and service organization controls.
• Conduct and coordinate vulnerability management activities.
• Maintain diagrams, procedures, and other operational documentation.
• Works closely with support personnel on improving configuration and implementing best practices.
• Perform administrative activities related to disaster recovery and business recovery plans.
• Monitor, analyze, and report on alerts produced by suite of security products.
• Research and stay in-touch with emerging technologies and threats.
• Administer and support varying security systems and tools.
• Document findings, gather metrics, KPIs, and other security analytics.
• Responsible for physical security projects and initiatives.
• Secure Office 365 products, on-premises systems, and public cloud services.
• Assists with implementation of security and technology projects.
• Educate users about information security requirements, policies, and procedures.
• Act as the first response to security alerts, events, and incidents, triaging and coordinating response.

Knowledge & Skill

The candidate must have strong foundational knowledge of information security and practical experience in Security Services. Specific knowledge areas include:

• Team Oriented - you celebrate and take joy in the success of others on the team.
• Working experience performing security operational activities, such as performing security investigations, data classification, IAM, PAM, Incident Response, and vulnerability management.
• Experience securing O365 and public cloud applications, data, and systems.
• Exposure to administering security tool. Examples include WAF, CASB, IPS, and EDR. SOAR, scripting, PowerShell, or a like experience is not required by a plus.
• Efficient & Speedy - you get work done in a well thought out and efficient manner.

Education/Experience Required
Bachelor's degree or equivalent experience.

• 3-5 years of relevant security engineering and/or operations experience.

Physical Demands

• Be on-call when needed (both scheduled and unscheduled)
• Onsite work required as needed per tasks and engagements that require onsite availability.
• Both onsite and remote work.
• Available nights, weekends, holidays

Compensation/Additional Info

• Responding to security alerts, and performing security investigations
• Hybrid - Team is working remotely at this time however there will be expectations to work onsite in the very near future but it will be a hybrid schedule
• Annual salary range: $90K-$113K
• Implementing and/or supporting security systems, such as Web Content filters, Perimeter Firewalls, Web Application Firewalls, and MFA platforms
• Securing Cloud Services such as Office 365 and Azure Public Cloud
• Managing Vulnerability, Privileged Access, and Identity Access Management programs
• Working with investigative tools such as SIEM, EDR, or alike technologies