Security Analyst

Overview

Remote
Depends on Experience
Full Time

Skills

Security Analyst
DAST
email security
endpoint protection
external auditor
improve processes
threat modeling
training programs

Job Details


Responsibility:

  • Perform and mature security operations of three (3) main areas: Cyber/logical, Physical, and Compliance so that they are well managed, documented, and efficient.
  • Monitor and respond to alerts and events from systems like endpoint protection, IDS/IPS, email security, SIEM, and cloud-native security services, and respond to various managed third-party security service providers.
  • Administer and maintain both physical and logical security systems and solutions.
  • Perform identity management functions for all systems and improve processes.
  • Work with IT staff to identify and mitigate security vulnerabilities and audit information security processes and procedures.
  • Assist with day-to-day physical security operations of a high-security manufacturing facility.
  • Develop, maintain, and report on security operations metrics.
  • Assist with Application Security operations such as threat modeling, SAST, DAST, SCA, and security vulnerability/bug management.
  • Assist with maintaining PCI compliance, including managing PCI DSS and PCI Card Production compliance and passing annual assessments performed by an external auditor/QSA.
  • Perform third-party risk management activities.
  • Assist with cyber/logical and physical security audits, review findings, and recommend and perform corrective actions.
  • Assist with performing incident response activities for any physical or cyber/logical security incidents, including containment, investigation, remediation, and reporting.
  • Assist with developing and implementing security awareness & training programs for the security guard staff, manufacturing personnel, developers, and company users.
  • Manage and evaluate security vendor relationships and technologies.

Skills/Knowledge/Qualifications:

  • Vulnerability/Threat Management
  • Endpoint Detection Response/IDS/IPS
  • PCI Standards
  • System Hardening
  • Data Loss Protection
  • Ability to work independently and make decisions regarding a high-security facility and IT environment.
  • Be able to work with cross-functional teams to meet security goals and requirements.
  • On-call and non-standard business hours work may be required.