IT Security Analyst
In this role, you will collaborate directly with the CIO to identify and implement customized security solutions, steering clear of off-the-shelf options. Additionally, you will engage with trusted vendor-partners to implement a bespoke cybersecurity roadmap tailored specifically to our organization’s needs. Your responsibilities will span a wide range of security areas, including monitoring, incident response, vulnerability assessments, oversight of remediations, developer security programs, network security initiatives, and system security programs.
- A Bachelor’s degree (BA/BS) in Information Security, Computer Science, or a related field.
- A minimum of eight years of experience in systems, network, and/or application security, with a particular focus on network and application security.
- Excellent communication and presentation skills to effectively convey complex security concepts to both technical and non-technical stakeholders.
- Strong organizational and time management skills, meticulous attention to detail, and the ability to prioritize and manage multiple tasks effectively.
- Proficiency in identifying system security vulnerabilities and implementing remediation techniques, including experience with penetration testing and the ability to conduct unit tests with exploit tools.
- Familiarity with various security and IT Risk frameworks, such as COBIT, ISO, NIST, and FFIEC handbooks.
- Knowledge of incident response and crisis management processes, allowing for quick and effective responses to security incidents.
- Understanding of network and web-related protocols, including TCP/IP, UDP, IPSEC, HTTP, BGP, among others.
- Proficient in designing network security architectures that effectively safeguard against threats.
- Experience with computer network penetration testing methodologies and techniques.
- Familiarity with firewalls, proxies, SIEM (Security Information and Event Management), antivirus software, and Intrusion Detection and Prevention Systems (IDPS) concepts.
- Knowledge of patch management procedures, including the ability to deploy patches promptly while considering the potential business impact.