The IT Security Analyst is responsible for the administration, support, engineering and service delivery associated with IT security operations, technologies and technical services. This role will administer the many facets of IT security of the firm’s technology infrastructure including coordination of security service providers, vulnerabilities, threats, tools and end to end security operational support.
The successful candidate should have the ability to analyze, quantify, prioritize, summarize and report on threats and vulnerabilities in a clear and actionable manner. The candidate must also understand how to analyze issues using a risk-based approach and work with management and other IT areas to develop practical solutions that can be implemented to effectively mitigate and manage risks. The ability to collaborate and partner with different IT areas to provide subject matter expertise, guidance and project and operational security support is crucial.
· Coordination of IT’s role in Information Security Incident Response process, including overall ownership of all information security incidents and tracking of all security related incidents from notification to resolution.
· Review, analyze and prioritize the remediation of emerging threats and vulnerabilities
· Track identified information security risks and mitigations
· Work with security vendors and service providers
· Provide security operational support for the entire infrastructure stack including but not limited to network, end points, desktops, servers, software, applications, databases, voice and mobile devices
· Administer security tools
· Administer & analyze current security systems and present recommendations for improvement
· Coordinate penetration testing and Vulnerability scanning
· Develop and maintain technical procedures, processes and documentation to support information security policies
· Work with all areas of IT to ensure compliance with technical security controls that comply with Information Security Policies
· Keep Current with Information Security threats, trends and solutions
· Support projects and initiatives and provide SME security input and recommendations
· BS/BA degree in Information technology, computer science or similar discipline or comparable work experience.
· Demonstrated experience ina security operational support role
· Demonstrated knowledge and experience evaluating, designing, testing and supporting hardware and software based security tools
· Deep knowledge of security tools, including Firewall, IDS, IPS, email encryption, DLP, vulnerability scanning, penetration testing, anti-virus, spyware, as well we methods to implement such tools in a complex environment
· Experience with ISO 27001/27002 standards, the HiTrust Common Security Framework, HIPAA Privacy and Security Regulations;
· Extensive knowledge and understanding of network and OS principles, technologies and systems
· Ability to audit existing applications and implement procedures to improve security
· Must have excellent written and oral communication skills.
· Ability to prioritize and drive results with a high emphasis on quality
· Ability to discuss security risks in business terms and develop practical, risk-based approaches to mitigate risks
· Ability to work independently and take ownership of assigned projects
· Must be detailed oriented and be able to meet deadlines
· 5+ years of prior experience working in an enterprise IT environment.
· Travel requirement: Up to 10% domestically in the US, subject to change. Some travel to foreign locations possible.
For a full listing of jobs, go to www.nelsonjobs.com, our premier job search engine for candidates. Comprised of three major business units—Nelson & Associates, Nelson Staffing, and Nelson Technology—this company with 40+ years in staffing provides recruiting services to clients and candidates in accounting & finance, clerical, administration, human resources, technology, light industrial, manufacturing, legal, engineering, computer gaming, digital media, and the wine and beverage industries. Nelson places job candidates quickly in a number of fields in full-time, executive, consultative, and temporary positions.