IT Security Analyst (Remote)

POSITION SUMMARY

The role of the Security Analyst is to ensure systems operate at peak performance while enhancing our security measures. This role will be required to analyze, provide solutions, and correct flaws to the security systems, processes, and programs. This role will be responsible for planning, installing, configuring, maintaining, supporting, and documenting our systems and solutions. Data governance, risk management, and incident response are also a critical part of the role.  

PRINCIPAL DUTIES & RESPONSIBILITIES

• Implement security projects and support risk management strategies. 
• Implement, update, and maintain Windows servers, backups, O365 suite, AWS and overall cloud infrastructure, networking devices, and security tools. 
• Conduct vulnerability scans, document, report, and remediate vulnerabilities and risks. 
• Monitor network and host-based intrusion detection/prevention systems. 
• Lead data governance including data mapping, data flows, DLP, and auditing of controls.
• Lead identity management including securing authentication methods with third party SaaS solutions, setting naming conventions, define roles and permissions, and policies. Audit user access, onboarding/offboarding, and making sure our policies and processes are adhered to. 
• Identify and implement appropriate security safeguards.
• Lead asset management program. Define and refine the current system to track current assets, identify unidentified software and devices, and take necessary action to ensure only approved devices and software are on our systems. 
• Monitor and analyze network traffic, intrusion attempts, activity logs, and system alerts for trends, anomalies, and potential security breaches. 
• Lead developing and implementing security policies and procedures with adherence to well-known frameworks. 
• Keep current on cybersecurity threat landscape and be proactive on preventing and mitigating new threats. 
• Manage vendors and identify the security of third-party vendors and collaborate to meet security requirements. 
• Drive security awareness program and ensure leadership and end users are well informed on current risks and their role in keeping our environment secure. 
• Lead incident response and remediation. 
• Participate in 24x7 weekly on call rotation to handle emergency and security related events as they come up. 

EDUCATION & EXPERIENCE

• Bachelor’s degree or equivalent in the field of IT/Computer Science or 3-5 years equivalent work experience. 
• Technical knowledge of client/server technology, server virtualization w/ Vmware, networking systems and solutions, middleware concepts, IT security, storage/SAN management, mission critical/high availability concepts, consolidation, data warehousing, cloud computing and technologies.  
• Technical knowledge of AWS including: Cloudtrail, AWS WAF, networking, and EC2 
  
• Advanced knowledge of O365 including: Intune, Conditional Access policies, EntraID, Exchange Online, Sharepoint
  
• Strong written and communication skill required
• CompTIA Security+ certification or CASP
• AWS Cloud Practitioner
  
• Knowledge of Security Frameworks:  ISO 27001, PCI-DSS, SOC I/II, CIS, NIST
  
• Certified Information Systems Security Professional (CISSP) or CISM

Compensation$90,000-$95,000