Information Security Analyst

Overview

Hybrid
$100000
Full Time

Job Details

Cleveland, OH (Hybrid, 2 days onsite/week downtown)
$100,000 - $115,000

Description
This role is primarily responsible for executing the tactical and strategic initiatives of the Information Security team, including programs such as risk and vulnerability management, incident response, security architecture, cloud security and third-party vendor management. Work is typically assigned by the Information Security Manager, although the Information Security Analyst is expected to operate with minimal oversight and be able to identify areas of opportunity to get involved with information security tasks and initiatives. The ideal candidate is comfortable working in a fast-paced environment and communicating with technical and non-technical staff, is capable of switching between tasks as situations and criticality arise, and is passionate about learning and continuous education.
 
ESSENTIAL DUTIES AND RESPONSIBILITIES include the following.  Other duties may be assigned.
  • Execute on security strategy as defined by the Information Security Manager.
  • Participate in the Firm’s Vulnerability Management Program, working with cross-functional teams to identify, manage and mitigate security vulnerabilities across the Firm.
  • Assist with the administration of the Firm’s Vendor Risk Management process, including analyzing and responding to third-party risk assessments.
  • Monitor and respond to information security alerts and notifications (IDS/IPS, SIEM, AV/EDR, etc.).
  • Design, review and administer Azure cloud security controls and architecture, including auditing Azure cloud environments.
  • Utilize scripting languages such as PowerShell and Python to automate tasks and improve security operations.
  • Collaborate and advise on IT projects to ensure security issues are addressed throughout the project life cycle.
  • Assist other IT teams in developing and employing security solutions across various applications and product platforms.
  • Administer and utilize various endpoint and network security tools, such as CrowdStrike, SIEM tools, Fortinet or other comparable advanced detection and response tools.
  • Administer and utilize vulnerability scanning, packet analysis and exploitation tools such as Nessus, nmap, Wireshark, tcpdump, Metasploit or similar technologies.
  • Design, review and aid with implementation of secure networks and system architecture (e.g., network topology reviews, firewall ruleset reviews, minimum security baselines, etc.).
  • Apply appropriate controls referenced in various security frameworks and standards, such as the NIST CSF 2.0 Framework, NIST 800-53, CIS Controls, etc.
  • Monitor and secure Microsoft client and server systems, along with Fortinet and Cisco (or comparable) network devices.
  • Assist with the management and maintenance of user security policy education, training and awareness programs.
  • Conduct security research to stay abreast of latest security issues, including laws and regulations which may affect the Firm.
  • Other duties as requested and assigned.
 
QUALIFICATION REQUIREMENTS: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.  The requirements listed below are representative of the knowledge, skill, and/or ability required.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
 
EDUCATION/EXPERIENCE:
  • Bachelor’s Degree in Computer Science, Management Information Systems or related field with a minimum of 5-7 years of experience in Information Technology, including 3-5 years of experience in Information Security with two or more of the following domains: Windows Systems Administration, UNIX/Linux Systems Administration, Networking, Access Control, Incident Response, and Information & Data Security.
  • Preferred Certifications:
    • Certified Information Systems Security Professional (CISSP)
    • GIAC GSEC, GCIH, GCIA, GCWN, or equivalent certification
    • CompTIA Security+, CySA+, Network+, CASP or equivalent certification
    • Microsoft Azure Security Certifications (i.e. AZ-500, SC-100 to SC-400)

TECHNICAL SKILLS:
  • Demonstrated proficiency in Microsoft Office Suite including Word, Outlook, Excel, and PowerPoint.
  • Proven aptitude to learn new software applications.
 
LANGUAGE SKILLS:
  • Very strong communication skills, both written and oral. Excellent interpersonal communication skills necessary to maintain effective relationships with staff, trusted third-party partners, attorneys and clients.  Establish credibility with staff and attorney base through quality work and communications that bring to bear the right mix of confidence, tact, persistence and reliability.  Written communications must be concise, professional and accurate.
 
MATHEMATICAL SKILLS:
  • Ability to add, subtract, multiply, and divide in all units of measure, using whole numbers, common fractions, and decimals.
 
REASONING ABILITY:
  • Ability to apply common sense understanding to carry out instructions furnished in written, oral, or diagram form.
  • Ability to deal with problems involving several concrete variables in standardized situations.
  • Ability to define problems, collect data, establish facts and draw valid conclusions.
  • Ability to interpret an extensive variety of instructions and deal with several abstract and concrete variables.
  • Exhibit independent thinking and decision making.
  • Ability to interpret an extensive variety of instructions in mathematical or diagram form and deal with several abstract and concrete variables.
  • Ability to think strategically, develop tactics and execute pragmatically.

OTHER SKILLS AND ABILITIES:
  • Excellent organizational and planning skills with ability to prioritize multiple tasks and projects to meet deadlines.
  • Ability to work under pressure in a fast-paced environment with demanding individuals.
  • Strong analytical and organizational skills with a tolerance for uncertainty and an ability to prioritize and complete simultaneous projects with minimal supervision.
  • Outstanding creativity; flexibility and persistence; motivation and energy with the ability to work with little supervision and collaborate with other members of the team.
  • Ability to work overtime when needed. Work occasionally requires more than 40 hours per week to perform the essential duties of the position.
  • A tolerance for uncertainty and an ability to prioritize and complete simultaneous projects with minimal supervision.
  • Thorough understanding of technologies that can be applied to firm operations and enhance working efficiency.
  • Ability to exercise discretion with confidential and sensitive information. 
WORK ENVIRONMENT: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.