Monitor, evaluate, and maintain systems and procedures to safeguard internal information systems, network, databases, and Web-based security. Assist in performing vulnerability assessments and monitor systems, network, databases and Web for potential system breaches. Respond to alerts from information security tools. Report, investigate and resolve security incidents. Educate and communicate security requirements and procedures to all users and new employees. Recommend and implement changes to enhance systems security and prevent unauthorized access. Research security trends, new methods and techniques used in unauthorized access of data in order to preemptively eliminate the possibility of system breach. Ensure compliance with regulations and privacy laws.
- Perform ongoing monitoring and threat analysis.
- Analyze logs/traffic.
- Identify potential IT security incidents and escalate information to appropriate staff.
- Assess threat and vulnerability information from all sources (both internal and external) and promptly apply applicable mitigation techniques, initiating indications and warnings.
- Conduct vulnerability analysis and assessments across the entire IT enterprise in support of operations and maintenance activities. Provide ongoing reporting on the current state of vulnerability assessments.
- Develop mitigation and remediation plans as a result of vulnerability assessment findings.
- Train users and promote security awareness to ensure system security and to improve server and network efficiency.
- Confer with users to discuss issues including but not limited to computer data access needs, security violations, and programming changes.
- Develop plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.
- Monitor current reports of computer malware to determine when to update protection systems.
- Document computer security and emergency measures policies, procedures, and tests.
- Other duties may be assigned.
Knowledge, Skills, and Abilities Required:
Based on task(s) assigned, state-of-the-art expertise on the hardware, software, and systems in use by the IT Security team, including but not limited to SIEM technology, vulnerability assessment and scanning systems, firewalls, endpoint protection systems, and intrusion protection systems. Customer service skills training.
- At least two (2) years of related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis.
- At least four (4) years’ experience with Microsoft Active Directory administration, Network Technologies (LAN, WAN, VPN), Operating Systems (Linux, MAC, Windows), and endpoint protection.
- Previous experience in performing 1st level analysis and interpretation of information from SOC systems.
- Experience collecting network traffic and performing traffic analysis to identify anomalies such as network intrusions and misuse, and to verify the effectiveness of security controls.
- Prior experience in incident identification/analysis and escalation procedures.
- Understanding of ISO 27000 series, NIST 800 series, and Cyber Security Framework (CSF).
- Understanding of security controls to protect information systems consistent within the industry.
- Degree in Information Systems, Information Technology, or a related area.
All your information will be kept confidential according to Equal Employment Opportunities guidelines.