Security Analyst

Company: Infinite Resource Solutions
Location: Alpharetta
Posted on: April 3, 2021

Job Description:

Overview: We are seeking a talented Security Analyst III to be responsible for performing activities relating detection, monitoring and responding to security events. The Security Analyst III receives, researches, triages and documents all security events and alerts as they are received. This individual supports multiple security-related platforms and technologies, interfacing with others within the IT organization, as well as other internal business units and external customers/partners. Events will be generated from endpoints, networks, security information and event management (SIEM) systems, threat intelligence platforms, employees, third-parties and other sources. The Security Analyst III is expected to lead in-depth analysis review including the hunt for potential compromise across the infrastructure. The Security Analyst III is highly-involved member of the Cyber Security team. This role must display an in-depth understanding of new trends and technologies related to IT security and compliance. This role is regarded as a subject matter expert and provides specific contributions toward the Cybersecurity strategy and tactical roadmap. --- This position is flexibly-remote. That means that this position is currently remote due to COVID. Once we make the transition back into the office, there may be flexibility for a hybrid schedule of both remote and in-office work. Responsibilities: --- As a senior member of the Cybersecurity team, monitor and process response for security events. --- Partner with the Cybersecurity engineering team to improve tool usage and workflow in maturation of monitoring and response capabilities. Participate in major new system implementation projects. --- Uses tools and techniques to collect, analyze and aggregate security metrics data, ensures ongoing system and network health checks, as well as remediation tracking. --- Adhere to service level agreements (SLAs), metrics and business scorecard obligation for ticket handling of security incidents and events. --- Responsible for the creation of foundational documentation such as standard operating procedures (SOPs), and process flows. Analyze existing processes and process gaps. Improve targeted processes and create new processes where gaps exist. --- Drives process improvement and control implementation projects in coordination with the other Enterprise teams. --- Works with management to coordinate responses to information security control testing and vulnerability scans, audits and assessments. --- Maintain dashboards that monitor Cybersecurity KPIs. --- Researches, develops, and keeps abreast of tools, techniques and process improvements in support of cybersecurity threats and countermeasures. Maintain working knowledge of advanced threat detection as the industry evolves. --- Actively engages in the performance of Incident Response activities, including but not limited to, triage, escalation, conducting post-mortem and lessons learned review meetings, as well as remediation tracking. --- Leverage knowledge in multiple security disciplines, such as Windows, UNIX, Linux, data loss prevention (DLP), file integrity monitoring (FIM), endpoint controls, databases, wireless security, data networking and encryption, to offer solutions for a complex heterogeneous environment. --- Leverage automation and orchestration solutions to automate repetitive tasks. --- Aid in threat and vulnerability research across event data collected by systems. --- Investigate and document events to aid incident responders, managers and other Cybersecurity team members on security issues and the emergence of new threats. --- Work alongside other security team members to hunt for and identify security issues generated from the network, including third-party relationships. --- Share information as directed with other team members. --- Perform other duties as assigned. --- Adhere to Agile principles and philosophies (Scrum or Kanban, as applicable) in fulfillment of the role. --- Collaborate within the direct team in accordance with Team Agreement, Definition of Ready, and Definition of Done. --- Work as a cross-functional team member in an Agile setting to help complete and deliver the team commitments. --- Collaborate across teams and across business areas in the spirit of an Agile mindset. --- Fulfill the role in the spirit of the Agile Manifesto, with emphasis on delivery of incremental value with frequent iterations and feedback loops. --- Responsible for reporting risks that are identified to the appropriate team and/or management. Additionally, responsible for managing, monitoring and reporting risks within the scope of your work area, to include, but not limited to Information Security risks. --- Actively supports our culture and embraces our core values of Work as Partners, Communicate Openly and Honestly, Demonstrate Excellence and Champion Change in all interactions. Qualifications: --- 7 or more years of IT technical experience with 5+ years' broad-based experience in cybersecurity. Specialized expertise a plus. --- Bachelor's degree in Computer Science, Information Security, or related discipline is preferred or an equivalent combination of education and/or experience. --- CISSP required. --- 5+ years' experience with Linux and/or Windows operating systems. --- 5+ year's information security monitoring and/or incident response or related experience. --- 3+ years' experience with Firewall, Routers, and Switches a preferred. --- Experience driving measurable improvement in monitoring and response capabilities at scale. --- Solid understanding of TCP/IP protocols, network/packet analysis and intrusion detection/prevention preferred. --- Experience working in a 24x7 operational environment, with geographic disparity preferred. --- Experience working with a variety of security-related platforms and services, including: Security Information and Event Management (SIEM) systems, Threat Intelligence platforms, Security Orchestration, Automation and Response (SOAR) solutions, Intrusion Detection and Prevention systems (IDS/IPS), Anti-Virus, Data Loss Prevention (DLP), Encryption technologies, File Integrity Monitoring (FIM), and other network and system monitoring tools. --- Experience with NIST 800-53, NIST CSF, IS 27001, PCI-DSS and SOC standards. FFIEC, NCUA, GLBA a plus. --- Preferred security-related certifications (e.g. CISA, CHFI, SSCP, CCSP, C-EH, OSCP, and GPEN). --- PMP a plus. --- Demonstrates highly effective communications skills, with ability to influence business units. --- Has an excellent attention to detail, highly analytical and problem-solving mindset. --- Is highly organized and efficient. --- Leverages strategic and tactical thinking. --- Works calmly under pressure and with tight deadlines. --- Demonstrates effective decision-making skills. --- Is highly trustworthy; leads by example.

Keywords: Infinite Resource Solutions, Alpharetta , Security Analyst, Professions , Alpharetta, Georgia