Information Security Analyst II
11223 Information Security Analyst II (Open)
Enterprise Information Security
The Information Security Analyst II will support the security policies, practices, procedures, and technologies in order to ensure the protection of networks, systems, applications, and data. This role will be looked to as an information security expert within the organization, helping ensure corporate security controls are effective. This role will also be involved with day-to-day security operations by responding to security events of interest and recommending corrective action by working with IT and non-IT team members.
* Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as, and not limited to: IPS/IDS alerts, Application Firewall alerts, malware alerts, change detection (FIM) alerts, rogue wireless network alerts, security system health alerts, exploit attempt alerts, etc.
* Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to: Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), emerging state and Federal privacy laws, and general security auditing
* Participate in a vulnerability management program that includes: external and internal vulnerability scans of applications and systems, external and internal penetration tests of applications and systems, documenting and remediating identified vulnerabilities and exploits, routinely monitoring various communication avenues for security vulnerabilities and security patches, taking a risk-based approach to comparing those security vulnerabilities and security patches across the operating environment, and making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities
* Participate in the organization's incident response plan and perform incident reporting on an as-needed basis
* Support processes such as managing web browsing protections, web content filtering, and web site category whitelisting/blacklisting; supporting automated encryption/decryption and secure file transfer of sensitive business process files; and managing internally generated SSL certificates and SSL certificates generated by a managed PKI vendor and internal Certificate Authority
* Experience with audits, controls, and PCI requirements
* Experience managing network and system vulnerability processes and monitoring security event alerts.
* Experience maintaining any of the following information security technologies, such as: IDS/IPS, malware prevention, database activity monitoring, secure password repository, multi-factor authentication, SIEM, SPAM prevention, web content filtering, IdM/IAM, encryption and encryption key management, DLP, change detection preferred.
* Qualified and successful candidates will have at least 1 year of experience working within information security roles or 3-5 years in Information Systems technical administration or support roles.
* Knowledge of TCP/IP: must be able to demonstrate technical understanding of TCP/IP traffic, including familiarity with major application-layer protocols such as HTTP, HTTPS, FTP, SFTP, FTPS, SMTP, DNS, etc.
* Understanding of a variety of network and application attacks: examples include DoS/DDoS, buffer overflows, SQL injection, reconnaissance scanning, and evasive methods attackers use to avoid detection; must be able to demonstrate a minimum level of familiarity with well-known vulnerabilities and exploits
* Working knowledge of IT security, compliance, and regulatory requirements, such as: Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), Health Insurance Portability and Accountability Act (HIPAA), state and Federal privacy laws
* Advanced knowledge of IT security concepts.
Bachelor's degree in Computer Science, Information Security, related field, or equivalent experience
* Preferred: Penetration testing/ethical hacking certification(s)