Cyber Security Analyst

Job Description:

As an IT Security Analyst, you will play a critical role in safeguarding our organization's digital assets and infrastructure. You will be responsible for monitoring and analyzing security events, identifying potential threats, and responding to security incidents. Your expertise will be essential in conducting vulnerability assessments, implementing security controls, and ensuring compliance with industry standards and regulations. You will collaborate with cross-functional teams to develop and maintain security policies, procedures, and awareness programs, while staying abreast of the latest security trends and technologies. Your proactive approach to threat detection and incident response will be vital in maintaining the confidentiality, integrity, and availability of our systems and data.

Core Responsibilities & Duties:

• Security Monitoring and Analysis:

• Monitor security logs, network traffic, and system events for suspicious activity.

• Analyze security alerts and events to identify potential threats and vulnerabilities.
• Utilize security information and event management (SIEM) tools to detect and correlate security incidents.

• Incident Response:

• Participate in incident response activities, including containment, eradication, and recovery.

• Conduct forensic analysis to investigate security breaches and determine the root cause.
• Document security incidents and response actions.

• Vulnerability Management:

• Conduct vulnerability assessments and penetration testing to identify security weaknesses.

• Prioritize and track vulnerabilities and recommend remediation actions.
• Manage and maintain vulnerability scanning tools.

• Security Control Implementation:

• Implement and maintain security controls, such as firewalls, intrusion detection/prevention systems (IDS/IPS), and antivirus software.

• Configure and manage security systems and applications.
• Ensure security controls are properly implemented and maintained.

• Compliance and Auditing:

• Assist in security audits and compliance assessments (e.g., GDPR, HIPAA, PCI DSS).

• Develop and maintain security policies, procedures, and standards.
• Ensure compliance with relevant security regulations and industry best practices.

• Security Awareness and Training:

• Develop and deliver security awareness training programs for2 employees.

• Educate users on security best practices and potential threats.
• Promote a security-conscious culture within the organization.

• Threat Intelligence:

• Stay up to date on the latest security threats and vulnerabilities.

• Research and analyze threat intelligence to identify potential risks.
• Provide threat intelligence reports and recommendations.

• Collaboration and Communication:

• Collaborate with cross-functional teams to address security concerns.

• Communicate security risks and recommendations to stakeholders.
• Provide clear and concise security reports and documentation.

• Documentation and Reporting:

• Maintain accurate and up-to-date security documentation.

• Generate regular security reports and metrics.
• document security procedures.

Qualifications:

• A degree in the field of Computer Science or related field, or equivalent experience is required
• 5 + years of experience in IT information security
• Strong technical and consulting skills, project management capability
• Experience with security and risk frameworks, standards, and best practices
• Able to present effectively to executive level in both business and IT terms

Skills:

• The ideal candidate will possess a "can do" attitude with a "will do" work ethic
• Quick thinker, experienced in unconventional problem solving
• Excellent understanding of business complexity and project interdependencies
• Excellent communication, written, verbal, analytical and problem-solving skills
• Suitable time management skills and ability to meet deadlines
• Strong understanding of the organization's goals and objectives
• Exceptional interpersonal skills, with a focus on listening and questioning skills
• Strong documentation skills
• Ability to conduct research into a wide range of computing issues as required
• Ability to absorb and retain information quickly
• Ability to present ideas in user-friendly language to non-technical staff and end users
• A keen attention to detail
• Ability to effectively prioritize and execute tasks in a high-pressure environment
• Exceptional customer service orientation
• Experience working in a team-oriented, collaborative environment