The IT Analyst - Cyber Security is responsible for validating that technology services are designed and implemented with high security standards. The role manages and enhances the security of applications in tandem with their underlying infrastructure services, including connected dependencies such as middle-tier systems and databases, in internal and third-party environments. Additionally, the IT Analyst - Cyber Security addresses legacy and emerging security issues and implements repeatable operational countermeasures to mitigate risk of exploitation). IT Analyst - Cyber Security will assess the technical environment for weaknesses and find resolutions before they can be abused. Considered a highly knowledgeable individual, the IT Analyst - Cyber Security is expected to recommend applicable controls including technical, physical, logical and administrative, and manage secure development practices to address potential security issues.
ESSENTIAL FUNCTIONS:
- Monitor computer networks for security issues.
- Investigate security breaches and other cybersecurity incidents.
- Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
- Document security breaches and assess the damage they cause.
- Work with the IT team to perform tests and uncover network vulnerabilities.
- Fix detected vulnerabilities to maintain a high-security standard.
- Stay current on IT security trends and news.
- Develop company-wide best practices for IT security.
- Perform penetration testing.
- Help colleagues install security software and understand information security management.
- Research security enhancements and make recommendations to management.
- Stay up-to-date on information technology trends and security standards.
- Other duties as assigned.
Required Skills
- Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
- Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
- Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
- An in depth understanding of identity access management, segregation of duties and application security audits
Required Experience
- 10 years of experience in information security or related field.
- 15 year of experience with computer network penetration testing and techniques.
- Bachelor's degree in computer science or related field.
- Understanding of ISO27001, SOC2, NIST would be a plus.
- MBA in information systems a plus