Principal Duties and Responsibilities:
Audit and monitor production system logs for unauthorized transactions and intrusions
- Assist in performing security risk assessments and disaster recovery/business continuity planning
- Assist in the development implementation and ongoing administration of the company's information security policies procedures guidelines and related documentation
- Provide analysis and recommendations for information security configuration to IT Project Managers
- Perform administrative functions to complete required tasks including recording issues into tracking system checking voicemail/email and documenting processes and issues
- Promote security awareness programs within the company i.e. phishing and employee engagement in the program
- Provide detailed verbal and written communication to management and peers - Lead projects to install new security applications and technologies
- Ensure optimal use of vulnerability detection anti-virus malware protection and anomaly reporting software
- Collaborate and maintain relationships with various departments across the organization
- Manage end-user permissions ensuring least privilege policies are followed
- Provide elevated level support for the Technology Service Desk - Work tickets in the servicing queue routing them to the appropriate team for follow-up if necessary
- Maintain knowledge with emerging technologies and advancements within Information Security
- The selected candidate will be responsible for ensuring the security and confidentiality of all account and related information which is part of their work and for ensuring that his/her work is in compliance with all applicable laws and regulations including but not limited to the Bank Secrecy Act
Senior Analyst Additional Responsibilities:
Identify emerging threats and oversee threat hunting including phishing detection and response
- Lead ongoing threat and vulnerability assessments and testing of information security controls
- Identify and assess security risks and vulnerabilities and develop mitigation strategies
- Identify evaluate and define new system security requirements and lead information security reviews
- Design computer security architecture and develop detailed cybersecurity designs
- Prepare and document standard operating procedures and protocols
Minimum Qualifications :
- Bachelors degree in computer science management information systems or related field or two years of equivalent progressive experience
Preferred Qualifications
Bachelors degree in Business or an IT discipline from an accredited University plus three or more years of information security experience
- Industry certification such as CISSP MCITP CISA MCSE or GIAC
- Experience with networking and communication techniques including WANs LANs Internet Intranets and protocols such as TCP UDP and IPSEC
- Security experience with networking technologies including but not limited to routers switches and firewalls
- Experience as a subject matter expert in at least two technology-related disciplines intrusion detection antivirus data loss protection access controls perimeter security internet filtering LDAP systems Active Directory Exchange MS SQL etc.
Knowledge Skills Abilities
- Skilled in Microsoft Office software e.g. Word Excel Access PowerPoint gained through either work experience with the software or education and hands-on use of the software
- Ability to create and analyze system logs and network traffic captures from a security perspective including anomalous traffic intrusions elimination of false positives and recommendations for event tuning using appropriate tools
- Knowledge of industry best practices including ISO 17799/13335 NIST COBIT SANS etc.
- Knowledge in developing implementing and communicating security policies standards guidelines and procedures