Advantage Tech is looking for a remote Security Analyst for our Lee's Summit, MO Client.
Job Description
• Responsible for ensuring preventative and detective controls, safeguards and countermeasures are in place to effectively protect information systems and information assets from threats and harm.
• Responsible for ensuring security requirements and security validation procedures are defined, documented and integrated within all phases of the organization’s system development and system acquisition framework.
• Translates technology and environmental conditions (e.g., law and regulation) into system and security requirements, designs, solutions and processes. Evaluates and provides recommendations related to the security and risk management aspects of the organization’s information technology ecosystem.
• Oversees the execution of threat and vulnerability assessments, determines deviations from acceptable configurations and policy, assesses the level of risk, and develops and/or recommends appropriate remediation plans, corrective actions and/or mitigating controls. Oversees the integration, testing, operations, and maintenance of systems security.
• Oversees, manages, administers and monitors security related functions and solutions including, but not limited to, firewalls, intrusion detection systems, vulnerability management systems, threat management systems, antivirus systems, antimalware systems, cloud-based security systems, secure email gateway appliances, web filtering systems, content filtering systems, security information and event management (SIEM) platforms, data-loss prevention (DLP) systems, multi-factor authentication systems, and identity and access management systems.
• Oversees the collection and analysis of security information and event management (SIEM) data to ensure malicious threats, inappropriate activities, or any events that could potentially impact the confidentiality, integrity and availability of the organization’s information systems and assets are proactively monitored and reported in a timely fashion.
• Responsible for correlating data from multiple sources to ensure detective and monitoring controls are designed and operating effectively and focused on identifying indicators of compromise.
• Responds to security events, incidents, inquiries, investigations and e-discovery requests in a timely fashion. Security incident response activities include, but are not limited to, incident containment, eradication, collection of evidence, correlation of SIEM data, data analysis, resolution and assisting with corrective action plans and remediation efforts.
• Participates in providing security related training to all levels of the organization’s staff.
• Participates in internal and external audit, compliance and legal support activities. Assists with resolving open audit and compliance security issues.
• Participates in the organization’s business continuity, disaster recovery and crisis management programs including, but not limited to, the preparation and maintenance of continuity plans, recovery plans, standard operating procedures, risk assessments, and testing.
• Assists with the identification and classification of information assets and other information governance related activities.
• Recommends security, threat and risk management solutions and processes that enhance and support the vision, mission and goals of the Cybersecurity and Information Security department. Identifies process improvements, and opportunities to automate or streamline existing processes.
• Creates and maintains documentation in support of team responsibilities, including, but not limited to, security operations, business continuity, disaster recovery, incident response, security assessments, vulnerability management, remediation activities, standard operating procedures, training, and metrics.
• Other duties as assigned.
Additional Job Description
• Requires a Bachelor’s degree in Computer Science, Information Systems, or related discipline.
• Requires seven plus years of experience in Information Technology, Information Security, IT Assurance, IT Governance, Risk Management and/or Business Continuity Management.
• Additional years of qualifying experience may be considered in lieu of formal education and certification requirements.
• Requires working knowledge of IP networks, firewalls, and Active Directory, Mobile Device Management, Cloud Governance, Citrix, Splunk, Microsoft SQL,Microsoft Office 365, Microsoft Azure AD, encryption and virtual computing environment experience a plus (e.g., VMWare).
• Requires experience with daily security activities such as log review, incident response, disaster recovery, security assessments, and vulnerability management. Must be customer service focused, organized, detail oriented, analytical, able to multitask.
• Requires effective verbal and written communication skills to interface with management and employees.
• Strong communication skills, both verbal and written are required
• Strong analytical and problem-solving skills to enable effective security incident and problem resolution
• Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously.
• Ability to work well under minimal supervision
• Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors, business and internal IT personnel.
• Experience in developing, documenting and maintaining security procedures.
• Establishes a productive behavior in a rapidly changing environment brought about by growth of the company, aggressive international competition in the marketplace, and new technologies.
• At all times, works with a sense of urgency and commitment to understand security system and regulatory requirements, assist in the development of alternate solutions and assist in implementation of selected solutions requiring security system expertise.
• Readily takes ownership of assigned projects and is highly motivated to improve existing processes.
• Maintain work place values that include Integrity, Respect for People, Customer Passion, Energy, and Excellence.
