Cyber Security Analyst Sr.

Information Technology in Columbus, GA
Reference: 19-02860

Description:

This position is responsible for monitoring, detecting and responding to security alerts; identifying security risks and exposures; determining the causes of security alerts; providing recommendations on process improvements and tuning ideas to prevent future occurrences; investigating and resolving security incidents; and developing techniques and procedures for conducting IS security risk assessments and compliance audits. The role also includes evaluating and testing hardware, firmware and software for possible impact on system security.

Responsibilities:

  • Proactively monitor complex systems and respond to known and emerging threats against the network via intrusion detection software
  • Complete detailed, comprehensive investigations of security issues by reviewing security log data, interpreting data from various data feeds in support of the security event management process, and triaging a wide variety of security events
  • Perform the incident handling process by maintaining knowledge of how to implement containment, protection and remediation activities
  • Keep up-to-date knowledge of new and emerging threats that can affect the organization’s information assets by analyzing third-party software/solutions, IT configuration changes (including access control requests), and network/system architecture from a risk perspective
  • Responsible for the design and configuration of security systems, including proxy, remote access, mail gateway, intrusion prevention, wireless networking, data leak prevention, security information and event management and web application firewalls
  • Provide input in assessing and disseminating threats related to the enterprise with regard to current vulnerabilities by managing and developing an emerging threat model
  • Assess risks based on changes to implementation of ISO (International Organization for Standardization)/BSO (Business Services Online); enhance knowledge of PCI (Payment Card Industry)/Logical Security guidelines and models, HIPAA (Health Insurance Portability and Accountability Act), PII (Personally Identifiable Information), and card personalization
  • Create cost-effective solutions for system/application development regarding information security processes and concepts in applicable systems and software
  • Perform day-to-day information security functions pertaining to computer access control on numerous security software products and processes
  • Enhance understanding of business objectives and help provide direction based on risk, corporate policy, association and regulatory guidelines
  • Participate in developing long-term strategies for conducting system penetration, vulnerability and web application testing, risk assessments, and policy creation

Minimum Qualifications:

  • Bachelor’s degree
  • Relevant experience or degree in Computer Science, Information Security, or related field
  • Minimum 4 years of relevant experience
  • Experience in network operations, engineering, or system administration on Unix, Linux, Mac, or Windows
  • Proven experience working with security operations, intrusion detection systems, Security Incident Event Management systems, and anti-virus collection logs, including knowledge of industry standard security compliance programs (PCI, SOX, GLBA, etc.)

Preferred Qualifications:

  • Professional certifications including CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), GSEC (GIAC Security Essentials), Network+, and Security+
  • Minimum 6 years of relevant experience
  • Knowledge of industry standard security compliance programs (PCI (Payment Card Industry), SOX (Sarbanes-Oxley), and GLBA (Gramm-Leach-Bliley Act))
  • Knowledge of IT core infrastructure and cyber security components/devices
  • Minimum 3 years of experience with TCP/IP Networking and knowledge of the OSI model
  • Experience with OS management and network devices