The Security Analyst is responsible for monitoring security systems, responding to alerts and incidents, and ensuring the organization's security controls are effective. This role involves creating and tuning security device metrics, documenting processes, and identifying unusual activities by correlating events. Strong analytical skills, collaborative abilities, and an in-depth understanding of both current and emerging security technologies are essential to succeed in this position.
Key Responsibilities:
- Security Monitoring & Advisory: Continuously monitor and provide guidance on security issues related to systems and workflows, ensuring that internal security controls are appropriate and functioning effectively.
- Incident Response Coordination: Lead and coordinate responses to information security incidents, minimizing impact and supporting rapid resolution.
- Policy Development: Create, update, and enforce information security policies, procedures, standards, and guidelines that align with best practices and compliance requirements.
- Data Classification & Audits: Assist in data classification assessments, conduct security audits, and contribute to remediation plans as necessary.
- Vulnerability Management: Collaborate with IT management to address security vulnerabilities and coordinate vulnerability assessment efforts.
- Testing & Assessment: Conduct network penetration testing, vulnerability assessments, and comprehensive risk assessments to identify and mitigate security risks.
- Server Hardening: Develop, coordinate, and review server hardening procedures for all platforms used within the organization's environment.
- Log Review & Analysis: Regularly review security logs from servers, networks, and other platforms to detect any security anomalies.
- User Security Awareness: Design, conduct, and maintain user security awareness training to strengthen the organization's security culture.
- Security Research: Stay informed of the latest security policies and conduct research to continually enhance the organization's security posture.
- Additional Security Duties: Undertake other security-related tasks as assigned to support organizational needs.
Qualifications & Requirements:
- Education: Bachelor's degree in Computer Science, Information Technology, or equivalent.
- Experience: Minimum of 3 years in IT, with a background in security monitoring and response.
- Technical Skills:
  - Familiarity with IT network infrastructure, server platforms (Unix, Windows), and desktop systems (OS X, Windows XP and above).
  - Proficiency with security tools such as Security Endpoint solutions, HP ArcSight, QRadar, Rapid7 Nexpose, and Tenable Nessus.
- Certifications: One or more of the following certifications are required: QISP, CISSP, Cybersecurity Nexus, CompTIA Security.