Analyst IT Security III (

Positions Summary:

* Identify JetBlueÁ’s information security vulnerabilities and the threats that could exploit those vulnerabilities. Develop and implement processes and tools for detecting, identifying and analyzing information security incidents.

Essential Functions:

* Manage tools and processes to detect, identify, alert, remediate and escalate information security incidents
* Analyze information security incidents
* Provide front line incident response support
* Assess JetBlueÁ’s critical information assets for vulnerabilities and communicate those vulnerabilities to system owners and IT management
* Consult with developers, system engineers and IT architects on implementing secure systems
* Maintain deep expertise in threats and threat trends
* Assess vulnerabilities announced by suppliers
* Coordinate 3rd party vulnerability assessments

Interactions:

* Receives general instructions on what is to be done, limitations, quality and quantity expected, deadlines, and priority of assignments from Supervisor. Uses initiative in carrying out recurring assignments independently without specific instruction but receives additional specific instructions from Supervisor for new, difficult, or special projects/assignments

Working Conditions:

Equipment:
* Computer and other office equipment

Work Environment:
* Normal office environment

Job Experience:

Minimum Qualifications:

* Bachelor's Degree in a related discipline and/or demonstrated capability through previous experience and education to perform job responsibilities
* Security related certification (e.g. CISSP, CISA)
* Six (6) years Information Security & Compliance experience
* Demonstrated knowledge of industry best practices for project management
* Experience with regulatory/compliance requirements and other regulatory laws (PCI, PII, Privacy Laws, SOX, HIPAA, etc)
* Knowledge of ISO 17799; NIST SP 800:30 and other leading security standards
* Regular attendance and punctuality
* Organizational fit for the JetBlue culture, that is, exhibit the JetBlue values of Safety, Caring, Integrity, Fun and Passion
* Well groomed and able to maintain a professional appearance
* Pass a ten (10) year background check and pre-employment drug test
* Legally eligible to work in the country in which the position is located



Knowledge, Skills, and Abilities:

* Effective written and oral communication skills. Effective presentation skills.
* Team skills - must be able to work in a team environment as a productive and cordial team player
* Integrity - must be trustworthy, discrete, and able to handle information in confidence.
* Excellent problem solving Á– determine relevant data, consider multiple perspectives, augment knowledge from other sources, use alternative approaches to verify, and synthesize information to determine relationships
* Time management - able to balance effort between multiple assigned tasks, recognizing when to seek help or guidance, and avoiding a state of constant re-prioritizing as new tasks arise which prevents one from actually completing tasks

* Security vulnerabilities/weaknesses - fundamental causes of vulnerabilities through which most attacks are exploited. Able to recognize and categorize the most common types of vulnerabilities and associated attacks.
* Incident Analysis - identify what critical information is missing, where clarification is required, and the effect and scope of the activity. Determine the tools or attacks used, the level of access gained, timeframes, damage or implications associated with the attack, and the hosts/sites involved.
* Network Protocols - familiar with protocols such as IP, TCP, UDP, ICMP, ARP, RARP, TFTP, FTP, HTTP, HTTPS, SNMP, and SMTP. Understand how these protocols work, what they are used for, the differences between them, some of the common wea