Under the general guidance of the Chief Information Security Officer (CISO) and in cooperation with the Security Technical Team Lead, this position is responsible for providing advanced security analysis to manage the design, implementation and monitoring of security for computer platforms and systems, hosted at the Data Center, and in cloud environments.
The computer platforms include network, server/storage/backup, application platforms and architectures.
This position specializes in information security across the entire technology stack.
It analyzes security risks and plans controls, develops policies and procedures to implement security practices, and coordinates implementation of security controls.
This position may lead projects to implement new security controls. This position will also have daily, weekly and monthly duties operating security control systems in place.
It will monitor compliance with security policies and procedures.
Regular duties may include the following representative tasks:
Research vendor offerings and conduct POCs.
Coordinate with other teams to implement new technologies and remediate issues.
Monitor asset inventory, installed agents, and status of devices.
Review vulnerability dashboards and organizational impact of changing threat landscape.
Monitor data inventories, policy violations. Produce reports and metrics.
Monitor and process incident response queues.
Monitor SIEM logs and investigate incidents.
Monitor content filter dashboards and investigate anomalies as appropriate.
Manage endpoint firewall operation and adjust as necessary.
Teach, train or advise staff on information security related topics
Security Analyst capabilities with 8 or more years of experience.
Familiar with a variety of the security concepts, practices, and procedures.
Relies on extensive experience and judgment to plan and accomplish goals.
Performs a variety of tasks. May lead and direct the work of others.
A wide degree of creativity and latitude is expected.