Junior Information Security Analyst

Job Summary:

The Junior Information Security Analyst continuously monitors and maintains end-point protection solutions to ensure that all information and data assets are appropriately protected from intentional/unauthorized, accidental access, modification or destruction.  This position strongly relies on the strict adherence of established and cyber-security policies, procedures, and NIST, CIS, standards and guidelines.

Description:

• Monitor events and alerts generated by information security controls, monitoring systems, end-point protection solutions, asset management tools to satisfy regulatory compliance requirements
• Identify, respond and escalate information security events as appropriate
• Conduct, investigation, support and report of events from information monitoring and detection solutions
• Contributing to the development of information security requirements to assures the computing assets are protected and satisfy compliance requirements
• Assist with vulnerability scans on internal and external workstations, servers and network devices
• Generate and share monitoring results with various operations and compliance teams
• Monitor, identify, respond and document system misuse, malware, and/or violations of documented policies
• Participate in security event investigation, mitigation and documentation
• Assist internal and external customers with security related requests
• Researching and maintaining knowledge of current information security best practices, vulnerability and threat trends
• Promote security awareness in a manner that creates and fosters a security conscious culture
• Perform all other related duties as assigned

Requirements:

• AS in Cyber Security, Networking, Computer Science or related field, BS is preferred
• One or more of the following certifications, CompTIA Security +, CompTIA CySA+, ISC2 SSCP, SANS GSEC (SEC401)
• Knowledge/experience with End-Point protection solutions NIDS/HIDS devices and SIEM monitoring solutions
• This position will require some weekend/evening assignments in addition to availability during traditional off-hours for participation in scheduled/unscheduled activities
• A mobile phone is required
• Ability to lift up to 25 lbs., walk, stand, sit, bend, twist and reach with hands and arms
• Ability to maintain confidentiality of information and compartmentalized team activities
• Knowledge with desktop server operating systems i.e. Windows, Linux, IOS/Mac OSX
• Understanding of Domain Structures, User Authentication, Authorization and Accounting technologies
• Working knowledge of Infrastructure Security Technologies, e.g. encryption, digital signatures and network protocols (TCP/IP)
• Elementary knowledge of Information Security Principles, Risk Mitigation, Vulnerability Assessment and Threat Analysis
• Rudimentary understanding of regulatory regulations/standards, i.e. PCI, GLBA, HIPPA
• Fundamental knowledge with common Information Security tools, i.e. Metasploit, NMap, Wireshark, Kali Linux
• Experience using Bash, PowerShell, Perl, Python scripting tools
• Time management skills, ability to meet deadlines with changing priorities
• Basic problem solving skills with the keen ability to rapidly define problems, collect data, establish facts, and draw valid conclusions
• Ability to track action items, document, and follow up
• Ability to work independently as well as part of a team
• Willingness to learn
• Excellent interpersonal, organizational, and communication skills

Environmental Conditions: