Senior IT Security Analyst
This job is no longer active. View similar jobs
ENGIE is a global energy company, a leading provider of electricity, natural gas, and energy services. With 154,950 employees in more than 70 countries worldwide, ENGIE achieved revenue of 69.9 billion in 2015. ENGIE is committed to being a leader in the energy transition. We are looking for talented and motivated people to create the future of energy.
Join a rewarding and flexible work environment that encourages innovation and creativity, and help us meet the energy challenges of today and tomorrow.
We are looking for a Senior IT Security Analyst to join our IT Team!
The Sr. IT Security Analyst is responsible for the day-to-day monitoring, scanning, incident response, and operational reporting of information security. Identify potential threats, respond to reported security violations and recommend corrective actions to ensure data security. Develops information security plans and procedures to implement security controls that promote the confidentiality, integrity, and availability of computer systems. Works closely with IT and the business units to administer user life cycle management and effective authentication and authorization to systems and data. Leads security projects, deploys and administers security systems solutions and researches, recommends and implements changes to procedures and systems to enhance data systems security. Ensures compliance with all regulatory Cyber Security requirements.
ESSENTIAL JOB FUNCTIONS
* Deploy, manage, and maintain all security systems and their corresponding or associated software, including firewalls, intrusion detection systems, security information & event management (SIEM) systems, and anti-virus software.
* Develop, implement, maintain, and oversee enforcement of policies, procedures and associated plans for system security administration and user system access based on industry-standard best practices.
* Administer and maintain end user accounts, permissions, and access rights.
* Manage connection security for local area networks, the company websites, the company intranet, and e-mail communications.
* Manage and ensure the security of databases and data transferred both internally and externally.
* Design, perform, and/or oversee vulnerability scanning and penetration testing of all systems in order to identify system vulnerabilities.
* Design, implement, and report on security system and end user activity audits.
* Monitor server logs, firewall logs, intrusion detection logs, SIEM dashboards and network traffic for unusual or suspicious activity. Interpret activity and make recommendations for resolution.
* Recommend, schedule (where appropriate), and apply fixes, security patches, disaster recovery procedures, and any other measures required in the event of a security breach.
* Assess need for any security reconfigurations (minor or significant) and execute them if required.
* Keep current with emerging security alerts and issues.
* Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts.
* Interact and negotiate with vendors, outsourcers, and contractors to obtain protection services and products.
* Download and test new security software and/or technologies.
* Recommend, schedule, and perform security improvements, upgrades, and/or purchases.
* Assist in completion of special projects on an as needed basis within the IT Department.
* Assist in completing Global cyber & information security directives.
* Carries out other duties as assigned.
* In-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls
* Knowledge of and experience in developing, documenting and maintaining security architecture and plans, processes, procedures, including tactical and project plans.
ESSENTIAL PHYSICAL ABILITIES
* Ability to meet highest attendance requirements
* Ability to communicate effectively, both written and verbally.
* Ability to handle multiple assignments on a timely basis with a high degree of accuracy.
* Ability to use personal computer, calculator, etc.
* Could involve some lifting.
* Bachelors degree in computer science, information systems, engineering or an equivalent combination of education and experience required.
* 5-7 years of experience in system security and/or administration and support of enterprise solutions required.
* Experience with common information security management frameworks, such as IT Infrastructure Library (ITIL), Control Objectives for Information and Related Technology (CobiT), CIS Controls for Effective Cyber Defense, and National Institute of Standards and Technology (NIST) frameworks
* CISSP certification preferred
* PMP preferred
* Proficient with Microsoft Project, Word, PowerPoint and Excel
Work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is not exposed to weather conditions. The noise level in the work environment is usually moderate.
This job posting is supported by the ENGIE Recruiting Team. Agency involvement is not required. All related inquiries must come to the Recruiting team and not to direct ENGIE Managers.