"Alerted.org

Overview

Summary

The Security Analyst is primarily responsible for the detection and response part of the security program. Leveraging a combination of tools, processes, and skills a Security Analyst will analyze both data sources and effectively recognize and establish incident responses for potential, successful, and unsuccessful intrusion attempts and compromises while ensuring operational support to the organization.

Accountabilities

• Performs cyber security incident response activities, coordinates with other SOC team members to triage, record and report incidents.

• Monitoring security incidents and event management systems, along with responding to alerts and notifications as appropriate, automating this activity wherever possible.

• Investigation of suspicious network and endpoint activity and developing systems to automate and scale this capability

• Identifies security risks, threats and vulnerabilities of networks, systems, applications, and new technology initiatives, and develops/recommends solutions to remediate identified threats.

• Support end-user security issues; including phishing, encryption, infected computer systems and more and developing systems to phishing response, test encryption, multi-factor support, detect computer infection and response capabilities.

• Partners with information security engineers to implement and maintain security technologies.

• Collaborates with privacy and security advisors to address enterprise risks.

• Assists in managing & administering enterprise security tools

• Support malware and forensic analysis as required.

• Assists with implementation of countermeasures or mitigating controls.

• Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.

• Performs periodic and on-demand system audits and security assessments, including user accounts, application access, file system and external web integrity scans to determine compliance.

• Supports enterprise vulnerability scanning, penetration testing, and compliance efforts.

Skills and Abilities

• Demonstrate a developing passion for the information security field.

• Experience with security system monitoring and response activities to support protect/defend/respond/recover requirements.

• Experience with security system analyst and administrative activities (e.g., SIEM, IPS/IDS, system event logging/auditing, SOAR, etc.).

• Proven problem analysis skills and articulate communicator of complex technical and business topics.

• Knowledgeable of computer networking, application and operating system security, administration and/or forensics (Windows, Unix/Linux, Macintosh).

• Continuing awareness of evolving technological threats and vulnerabilities.

• Experience with vulnerability scanning and remediation.

• Ability to work within deadlines and with multiple priorities; ability to adapt to changing priorities.

• Orientation to teamwork and achievement of company and departmental goals.

• Must be able and willing to provide 24x7 support for organizational incidents and events.

• Strong listening, verbal, written, and interpersonal communication skills. Ability to constructively resolve technical issues and conflicts as they arise.

• Preferred demonstrated security research, programming, seminar/conference, writing, or community-oriented leadership activities.

• Preferred experience managing the technical aspects of an enterprise infrastructure (server, network, PCs, Active Directory).

• Preferred Certified Information Systems Security Professional (CISSP), or related certification.

• Preferred experience in healthcare and academia.

REQNUMBER: 31949