Overview
On Site
Hybrid
120-150K
Full Time
Skills
Policies and procedures
Information security
Information systems
Emerging technologies
Security awareness
Incident management
Computer science
Information Technology
Firewall administration
Email security
Endpoint protection
Vulnerability management
Malware analysis
Intrusion detection
Policies
Regulatory Compliance
Supervision
Reporting
Data
Firewall
Metrics
Documentation
Research
Evaluation
Scalability
Auditing
Internet
Mathematics
Statistics
Administration
SANS
CISM
CISA
CISSP
Job Details
The Information Security Analyst II provides support for various components of the information security program. This includes safeguarding the organization against computer viruses, worms, spyware, malware, intrusion/unauthorized access, denial-of-service attacks, and attacks by hackers. The Information Security Analyst II also monitors, analyzes and investigates security alerts and helps execute threat responses and makes recommendations for improvements. Works with end users to determine needs of individual departments. Implements policies or procedures and tracks compliance throughout the organization. Under general supervision, the Information Security Analyst II supports the company's information security posture and performs various duties primarily focused on protecting the information assets and security posture.
Core Competencies
Establishes system controls by developing framework for controls and levels of access; recommends improvements.
Ensures authorized access by investigating improper access; revoking access; reporting violations; monitoring of alerts, logs, and security reports.
Plans, implements and upgrades security measures and controls.
Establishes plans and protocols to protect data and information systems against unauthorized access, modification and/or destruction.
Leads remediation efforts to address vulnerabilities and information security risks in a timely manner.
Monitors and maintains security systems and firewalls, logs, applications, and related reporting, and alerts.
Monitors, maintains, and creates meaningful security related metrics that measure performance, vulnerabilities, statistical improvements/declines, and relative environmental factors, anomalies, risks, and compliance measures.
Defines, implements, and maintains corporate security policies and procedures, and develops operational documentation and processes.
Conducts research in emerging technologies and participates in the evaluation of technologies that align with business goals, reduces costs and improves reliability, scalability and security.
Educates the staff in security awareness and procedures.
Completes projects and tasks associated with security monitoring, detection, incident response, audits, and security program initiatives.
Investigates intrusion attempts, security incidents, malware infections, exploit attempts, and internet usage anomalies.
Produces reports on intrusion activities, security incidents, and other threat indications and alerts.
Creates newsletters and articulates threats/alerts to all levels of the organization.
Additional Information
Bachelor's degree in Computer Science, Mathematics, Statistics, or Business OR five years of work experience in an information technology analyst role.
Experience with Incident Response, Firewall management, Email security, Security Awareness Program support / administration, Endpoint security tools, vulnerability management.
Certification Requirements (must have one)
SANS/GIAC, CISM, CISA or CISSP
Core Competencies
Establishes system controls by developing framework for controls and levels of access; recommends improvements.
Ensures authorized access by investigating improper access; revoking access; reporting violations; monitoring of alerts, logs, and security reports.
Plans, implements and upgrades security measures and controls.
Establishes plans and protocols to protect data and information systems against unauthorized access, modification and/or destruction.
Leads remediation efforts to address vulnerabilities and information security risks in a timely manner.
Monitors and maintains security systems and firewalls, logs, applications, and related reporting, and alerts.
Monitors, maintains, and creates meaningful security related metrics that measure performance, vulnerabilities, statistical improvements/declines, and relative environmental factors, anomalies, risks, and compliance measures.
Defines, implements, and maintains corporate security policies and procedures, and develops operational documentation and processes.
Conducts research in emerging technologies and participates in the evaluation of technologies that align with business goals, reduces costs and improves reliability, scalability and security.
Educates the staff in security awareness and procedures.
Completes projects and tasks associated with security monitoring, detection, incident response, audits, and security program initiatives.
Investigates intrusion attempts, security incidents, malware infections, exploit attempts, and internet usage anomalies.
Produces reports on intrusion activities, security incidents, and other threat indications and alerts.
Creates newsletters and articulates threats/alerts to all levels of the organization.
Additional Information
Bachelor's degree in Computer Science, Mathematics, Statistics, or Business OR five years of work experience in an information technology analyst role.
Experience with Incident Response, Firewall management, Email security, Security Awareness Program support / administration, Endpoint security tools, vulnerability management.
Certification Requirements (must have one)
SANS/GIAC, CISM, CISA or CISSP