Under direction from the Director and in line with stated strategic objectives, the CST Analyst will conduct industry research, explore the products available on the market to meet the requirements, OR devise a plan to build a solution internally. The Security Rules Management Analyst will focus on policy management for the endpoint and data security tools. Some (but not all) of the primary responsibilities the role will be primarily involved with are as follows:
Provide technical assistance, solution design, and hands on development support for security controls for a Data Loss Prevention (DLP) program
Implement technical systems and monitor them for unusual and suspicious activity across a wide range of products.
Assist with security configuration standards for systems and business applications.
Serve as a member of the information security and change management teams.
Participate in technical and non-technical projects requiring information security oversight and to ensure policies, procedures and standards are met.
Serve as an additional security team member, aiding in incident response (IR) with the IR and security operations center (SOC) teams.
Maintain vendor management standards, questionnaires, and documentation to adhere to regulatory compliance.
Interface with internal and external auditors for risk assessments.
Recommend new security solutions as well as effective improvements to existing security controls that do not negatively impact business innovation.
Serve as a liaison for the security team.
Perform other duties as assigned.
Technologies sets the role may secondarily support are as follows:
Cloud access security brokers (CASB)
Data Loss Prevention (DLP)
Database access firewalls and database activity monitoring solutions
Email Security solutions
Endpoint Protection Platforms (EPP) and Endpoint, Detection and Response (EDR) solutions
Key and Certificate Management solutions
Public Key Infrastructure (PKI)