Information Security Analyst

Job Description

Perform event and incident response through log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as, and not limited to: IPS/IDS alerts, Application Firewall alerts, malware alerts, change detection (FIM) alerts, rogue wireless network alerts, security system health alerts, exploit attempt alerts, etc.75%Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to: Payment Card Industry (PCI) Data Security Standard (DSS), General Data Privacy Regulation (GDPR), Sarbanes-Oxley (SOX), and emerging regulatory requirements5%Participate in a vulnerability management program that includes: external and internal vulnerability scans of applications and systems, external and internal penetration tests of applications and systems, the documenting and remediating of identified vulnerabilities and exploits, routinely monitoring various communication avenues for security vulnerabilities and security patches, taking a risk based approach comparing those security vulnerabilities and security patches across the operating environment, and making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities10%Participate in the organizations incident response plan and perform incident reporting on an as needed basis5%Support processes such as Managing web browsing protections, web content filtering, and web site category white-listing/blacklisting, support automated encryption/decryption and secure file transfer of sensitive business process files, manage internally generated SSL certificates and SSL certificates generated by a managed PKI vendor and internal Certificate Authority5%Must be able to work outside normal business hours when needed in order to perform diagnosis and/or implementation of product releases or changes so that normal business workflow is not interruptedOngoingRegular and reliable attendance is required.OngoingIncumbent is accountable for professional working behavior to include; building and maintaining constructive working relationships, implementing proactive and concise communication, acting as a resource to colleagues, and engaging in collaborative thinking and problem solving while demonstrating CSG s core competencies and values.OngoingNOTE: The purpose of this job description is to describe the general nature and level of work performed and it is not intended to be all-inclusive. An employee may perform duties outside of their normal responsibilities as needed.Typical Interactions/Relationships External Security and service vendors, Security providers and consultants, regulatory auditorsInternal Internal Audit, Compliance, Operations, Architecture and business unitsWork Environment

• Standard office environment
• Occasional work in data centers and varied travel locations.

Education

• College degree: Computer Science, Information Security, related field, or equivalent experience

Experience

• Experience with security monitoring and incident response
• Experience maintaining information security technologies, such as: IDS/IPS, malware prevention, database activity monitoring, secure password repository, multi-factor authentication, SIEM, SPAM prevention, web content filtering, IdM/IAM, encryption and encryption key management, DLP, change detection, and vulnerability scanners

Preferred

• Qualified and successful candidates will have at least 1 year of experience working within information security roles or 3-5 years Information Systems technical administration or support roles.

Knowledge, Skills and Abilities

• Knowledge of TCP/IP: must be able to demonstrate technical understanding of TCP/IP traffic including familiarity with major application-layer protocols such as HTTP, HTTPS, FTP, SFTP, FTPS, SMTP, DNS, etc.;
• In-depth knowledge of Windows and Linux operating systems including understanding registry and config files, filesystems, file metadata, services and daemons, and file structures including common file headers
• Knowledge of dynamic and static malware analysis and malicious email analysis. Incident response and management fundamentals including assessing risk and triaging event and alert data.
• Understanding of a variety of system, network, and application attacks: examples include DoS/DDoS, buffer overflows, SQL injection, reconnaissance scanning, and evasive methods attackers use to avoid detection; must be able to demonstrate a minimum level of familiarity with well-known vulnerabilities and exploits

• Working knowledge with IT security, compliance, and regulatory requirements, such as: Payment Card Industry (PCI) Data Security Standard (DSS), General Data Privacy Regulation (GDPR), Sarbanes-Oxley (SOX), Healthcare Information Privacy Protection Act (HIPPA), and general awareness regulatory requirements

Preferred

• Industry recognized certifications (CEH, GSEC, GIAC, etc)

,

Keyskills :
information securitysiemnetworkingmicrosoft accesscustomer relationsenvironmental impact assessmentit securityweb contentdata privacyweb browsing