Security Analyst Level III-FTL

Job Description

• Risk assessment and analysis, and compliance testing.
• Administration of security, threat management and monitoring tools and toolkits.

• Microsoft operating systems, Active Directory security
• Centralized anti-malware protection and system hardening
• Cisco networking products (routers, switches, firewalls, UCS)
• Data extraction and analytics, Excel formulas and pivot tables, CSV file manipulation

• General knowledge:
  • ITIL framework (change, incident, problem, configuration, asset, and service level management)
  • Project management methodologies
  • Information security standards and frameworks, rules and regulations related to information security and data protection
  • Principles for risk identification and analysis of desktops, servers, applications, databases, networks, and facilities.
• IT Security skills:
• Ethical hacking practices
• Remote access technology•
• Encryption best practices
• Security Incident and Event Management
• Intrusion detection and prevention
• File Integrity Monitoring
• Data loss prevention
• Computer forensic investigation practices
• VoIP security

• Essential abilities:
  • Strong analytical and problem solving capabilities.
  • Excellent communication (oral, written, presentation), interpersonal and consultative skills.

• Responsible for administering risk management, threat management, and security monitoring tools.
• Monitor and consult on information security issues related to Company and 3rd party systems, and workflow to ensure security controls are appropriate and operating as intended.•
• Lead and oversee execution of IT security projects for the Company.
• Participate in internal risk assessments.
• Coordinate and manage responses to information security incidents.
• Assist in the development of Information Security policies, procedures, standards and guidelines based on research, knowledge of best practices and compliance requirements.
• Conduct data classification assessment and security audits, and manage remediation plans.
• Perform security management functions by taking actions to mitigate risks, recommending security strategies, and ensuring controls are implemented and functional.
• Provide security governance by serving as oversight to ensure risks are adequately mitigated, and by aligning security strategies with business objectives and regulatory requirements.
• Interact with IT, Compliance, Facilities, HR and Operations management, legal counsel, safety and security, and law enforcement agencies to manage security vulnerabilities.
• Promote user security awareness.
• Conduct security research in keeping abreast of latest security issues, technologies, and trends.
• Prepare security documentation, including Company notifications and Intranet web content; contribute to Information Security Bulletin on Pulse community website

• Responsible for compliance with all federal, state and local laws, rules and regulations affecting Company.
• Responsible for participating in quality assurance, compliance and in-service and continuing education activities as requested by Company.
• Responsible for performing other duties and responsibilities as required.