Job Summary:
The Junior Information Security Analyst continuously monitors and maintains end-point protection solutions to ensure that all information and data assets are appropriately protected from intentional, unauthorized or accidental access, modification or destruction. This position relies on strict adherence to established cyber-security policies and procedures and to NIST and CIS standards and guidelines.
Description:
- Monitor events and alerts generated by information security controls, monitoring systems, end-point protection solutions and asset management tools to satisfy regulatory compliance requirements
- Identify, respond to and escalate information security events as appropriate
- Conduct, support and report on investigations of events from information monitoring and detection solutions
- Contribute to the development of information security requirements to ensure that computing assets are protected and satisfy compliance requirements
- Assist with vulnerability scans on internal and external workstations, servers and network devices
- Generate and share monitoring results with various operations and compliance teams
- Monitor, identify, respond to and document system misuse, malware, and/or violations of documented policies
- Participate in security event investigation, mitigation and documentation
- Assist internal and external customers with security-related requests
- Research and maintain knowledge of current information security best practices, vulnerability and threat trends
- Promote security awareness in a manner that creates and fosters a security-conscious culture
- Perform all other related duties as assigned
Requirements:
- AS in Cyber Security, Networking, Computer Science or a related field; BS is preferred
- One or more of the following certifications: CompTIA Security+, CompTIA CySA+, ISC2 SSCP, SANS GSEC (SEC401)
- Knowledge of or experience with end-point protection solutions, NIDS/HIDS devices and SIEM monitoring solutions
- This position will require some weekend/evening assignments in addition to availability during traditional off-hours for participation in scheduled/unscheduled activities
- A mobile phone is required
- Ability to lift up to 25 lbs., walk, stand, sit, bend, twist and reach with hands and arms
- Ability to maintain confidentiality of information and compartmentalized team activities
- Knowledge of desktop and server operating systems, i.e. Windows, Linux, iOS/Mac OS X
- Understanding of Domain Structures, User Authentication, Authorization and Accounting technologies
- Working knowledge of Infrastructure Security Technologies, e.g. encryption, digital signatures and network protocols (TCP/IP)
- Elementary knowledge of Information Security Principles, Risk Mitigation, Vulnerability Assessment and Threat Analysis
- Rudimentary understanding of regulations/standards, i.e. PCI, GLBA, HIPAA
- Fundamental knowledge of common Information Security tools, i.e. Metasploit, NMap, Wireshark, Kali Linux
- Experience using Bash, PowerShell, Perl, Python scripting tools
- Time management skills, ability to meet deadlines with changing priorities
- Basic problem-solving skills with a keen ability to rapidly define problems, collect data, establish facts, and draw valid conclusions
- Ability to track action items, document, and follow up
- Ability to work independently as well as part of a team
- Willingness to learn
- Excellent interpersonal, organizational, and communication skills
Environmental Conditions:
Work indoors in a controlled environment. May be exposed to dust and other airborne particles.