Job Description

Role: Security Analyst

Location: Jacksonville FL

REQUIRED COMPETENCIES:

Advanced – In-depth understanding of the required competencies with advanced skills and abilities, sufficient to successfully apply them under limited supervision in multiple situations.

Knowledge of:

• Applicable programming languages and coding techniques.

• Systems hardware, software and data communications functionality and capability.

• Systems Development Life Cycle (SDLC) deliverables and tools.

• Process management, performance tracking and measurement tools.

• Data driven problem-solving techniques and technical report writing

• Various cross-platform software systems.

• Configuration management concepts and tools.

• System and business architecture design concepts.

• Information Technology Library Infrastructure (ITIL) framework and best practices.

• Applicable industry standards for security systems.

Skill in:

• Implementing, maintaining, and troubleshooting software systems.

• Designing, creating, and interpreting flowcharts.

• Testing software or hardware security installations, enhancements and upgrades.

• Troubleshooting and resolving software related issues.

Ability to:

• Oversee the work of others, and provide coaching, mentoring and training.

• Set priorities and establish a systematic course of action to ensure accomplishment of objectives on time and within budget.

• Deal with ambiguity and make decisions with limited information.

• Exercise creativity and imagination in approaching assignments.

• Quickly grasp new ideas and concepts.

• Work well within a team and assist others with their assignments.

• Acquire and maintain knowledge of the business and Technology Services products.

• Research and acquire knowledge of developing information technology trends and emerging technologies.

• Identify what issues need to be communicated and inform others.

• Establish and maintain effective working relationships with internal customers.

• Use communication skills, orally and in writing, with users with varied backgrounds and experience.

• Follow through with commitments.

• Creatively solve problems.

• Research and acquire knowledge of developing information security trends, emerging technologies, and best practices.

• Deal with ambiguity and make decisions with limited information.

EXAMPLES OF PROFESSIONAL WORK:

• May monitor the work of others and provide some coaching and mentoring.

• Implements, maintains and troubleshoots software systems.

• Performs security audits, risk assessment and analysis.

• Tests software systems.

• Makes recommendations for enhancing and formulating policies and procedures.

• Consults with internal customers to identify and analyze needs and recommends solutions that meet business goals.

• Resolves problems and provides technical assistance and training to users in software enhancements and upgrades.

• Performs or ensures system administration tasks, including adding users, user groups and accounts are successfully accomplished.

• Analyzes, diagnoses, troubleshoots and resolves software and production issues.

• Writes or modifies basic scripts and performs light programming to resolve performance problems and automate systems administration tasks.

• Resolves escalated problems and identifies and recommends responses to new or unusual situations.

• Ensures system documentation and logs are maintained and procedures are documented.

• Reviews research data; and performs or ensures testing and evaluation of vendor hardware, software and other system components is performed as required.

• Manages vendor relationships.

• Ensures that plans and procedures for operating under both normal and emergency conditions are accurate, appropriate and up-to-date.

• Promulgates and enforces established technical and procedural standards.

• Assists in disaster recovery testing.

• Resolves escalated problems, responds to new and unusual situations and recommends solutions to systemic problems.

• Participates in ongoing training to continuously upgrade technical knowledge and skills.

• Performs other job-related tasks as assigned.

KNOWLEDGE, SKILLS, AND ABILITIES:

• Systems, data and network security administration, including firewalls, encryption technologies and network protocols.

• Information Security Frameworks such as NIST Cyber Security Framework, Critical Security Controls, COBIT.

• Infrastructure, sufficient to work across organizational lines with other teams to resolve problems and issues.

• Local, state and federal emergency planning processes.

Skill in:

• Designing, implementing, and administering information security systems including logical access.

• Developing, installing, and supporting information security solutions.

• Identifying and mitigating potential information security vulnerabilities.

• Troubleshooting and resolving multiple information security issues.

• Performing log analysis such as operating systems, networks, or applications

• Scripting languages such as VBScript, Python, or PowerShell and Regex expressions.

• Leading all phases of Incident Response process.

• Operating systems, network/system architecture, protocols, and services.

• Identifying and mitigating threats, vulnerabilities, and exploits.

• Applicable programming languages and coding techniques.

• Systems Development Life Cycle (SDLC) deliverables and tools.

• Completing and adhering to enterprise change management processes.

• Detailed log analysis utilizing a SIEM (Security Information and Event Management) and Raw logs.

• Leading Security Operations Center operations and strategies functioning at all Tiers.

• Security system analysis, design, programming and installation.

• Network management protocols, architecture and authentication practices.

• Infrastructure, sufficient to work across organizational lines with other teams to resolve problems and issues.

• Profiling threat actors, to identify tactics, techniques, and procedures (TTP) of advance persistence threat operations.

• Leading and coordinating threat hunting and analysis activities.

• Driving and coordinating system optimization, tuning, and remediation initiatives.

• Analyzing security controls and processes for continual improvement.

• Performing computer forensics protocols and evidence gathering including acquisition, analysis, and reporting.

• Executing activities in the areas of security risk identification, analysis, classification, and mitigation strategies.

• Leading creation of information security regulatory requirements, security policies, and security best practices. Advises departments across the organization on appropriate controls consistent with security policies, standards, and best practices.

• Cloud based services, offerings, and architecture such as SaaS (O365), PaaS, and IaaS in the cloud providers AWS and AZURE.

• Advanced skills in using required software including Microsoft Office (Excel, Word, PowerPoint, Outlook) and Visio.

EXAMPLES OF PROFESSIONAL WORK:

• Implement, administer, monitor, maintain, and update user accounts, firewalls, virus prevention systems, and other security systems.

• Including cloud-based services, offerings, and architecture such as SaaS (O365), PaaS, and IaaS in the cloud providers AWS and AZURE

• Monitor the performance and health of systems, including assisting in responding to incidents and troubleshooting.

• Perform intrusion detection analysis and researches attempted breaches of data security and rectifying security weaknesses.

• Detect and investigate system vulnerabilities and abnormalities, mitigate, and prevent.

• Trend security events for baselines.

• Establish standards and perform audit of security controls.

• Update communication platforms such as SharePoint for Security Awareness.

• Establish and maintain inventory of systems, attributes and associated controls.

• Investigate incidents including technical write up of events and trending.

• Perform system design, installation and administration, including creation or editing of operational guides.

• Test and evaluate new technology.

• Perform vulnerability/pen testing including mitigation plans.

• Analyze security requirements and provide objective advice ensuring adherence and implementation.

• Design, analyze and implement effective information security systems and controls.

• Configure, optimize, fine-tune, monitor, and maintain server operating system and system applications.

• Write and/or edit Requests for Proposals (RFPs), Requests for Information (RFIs), Intent to Negotiate (ITN) related to technology projects.

• Respond to evidence requests in support of regulatory compliance.

LICENSE/CERTIFICATION/REGISTRATION:

Two (2) or more, or their equivalent:

• DoD 8570 Certifications

• GIAC Continuous Monitoring Certification (GMON)

• GIAC Global Information Assurance - Public Cloud Security (GPCS)

• Microsoft Certified Systems Engineer (MCSE)

• Amazon Web Services Cloud Practitioner

• Amazon Web Services Solutions Architect Associate/Professional

• Amazon Web Services Certified Security Specialty

• Azure Fundamentals

• Azure Security Operations

• Azure Security Technologies

• Azure Security Engineer

• Azure Solutions Architect

• Aviatrix Certified Engineer (ACE)

Thank You

Job Tags

Similar Jobs