Information Security Analyst

» Information Security Analyst
Information Technology
in Denver
, CO
Reference: 19-02165

Position Summary:

Responsible for conducting security assessments, penetration testing, evaluations, risk assessments, and developing recommendations for improvements to policies and procedures as appropriate to network systems. Participate in planning, analyzing, and implementing solutions in support of business objectives. Review and recommend security best practices for other security devices such as firewalls, routers, servers, databases, patch management and anti-virus/anti-malware.

Essential Job Functions:

  • Assist with daily administration of strategic systems platforms
  • Assist in support business with specific troubleshooting and reporting requests
  • Assist with logging and tracking identified system problems through resolution
  • Keep abreast of new features and functionality and providing recommendations for process improvements
  • Ongoing documentation of processes
  • Provide in-depth research for specific and ad hoc projects
  • Expertise on intrusion prevention system, centralized logging tools, fine-tuning of policies, updates and upgrades
  • Analyze vulnerability assessment and penetration reports, primary point of contact for security alerts of servers, systems, databases, firewalls and network devices
  • Oversee security incidents including virus/malware outbreaks, network attacks, and information security violations
  • Review and update information security policies as needed
  • Execute response plan as needed
  • Create cybersecurity awareness by training and educating end users

Competencies:

  • Must be very self-reliant and able to work with minimal supervision
  • Courteous and positive attitude involving users at all levels
  • Ability to recognize and predict problems as you encounter them
  • Excellent interpersonal skills, including verbal and written communication
  • Experience managing and monitoring intrusion prevention systems and responding to security incidents
  • Information security background experience with SEIM or log management tools
  • Excellent knowledge of secure operating systems as well as data security across multiple computer platforms
  • Ability to communicate effectively and clearly present technical approaches and findings
  • Experience in the design and execution of vulnerability assessments, network and web application penetration tests and security audits and provides recommendations for application design
  • Use of encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research
  • Experience in the creation and enforcement of enterprise security documents (policies, standards, baselines, guidelines and procedures) and maintaining documentation, procedures and working instructions in accordance with federal and departmental guidelines
  • Strong knowledge of security industry trends, threats and risk mitigation
  • Strong cultural fit
  • Ability to handle confidential information

Education/Experience:

  • Bachelor’s degree in computer science or related field and four (4) to six (6) years of experience in security administration
  • Or Bachelor’s degree in computer science or related fields and two (2) to four (4) years of experience in security administration and Information security certification (e.g., CISSP, SANS GIAC, GWAPT, GPEN)