Information Security Analyst

POSITIONS SUMMARY: 
This position reports to the Manager - Security, Risk, and Compliance Office, Information Technology Office. The Intermediate Information Security Analyst position is a core member of the Security, Risk, and Compliance Office (SRCO).

This role is responsible for day-to-day information security operational functions.  These responsibilities include Real Time monitoring analysis and resolution of security events from multiple sources.  This position is heavily focused on three aspects of threat and vulnerability management. The first is to manage and maintain the centralized log management, SIEM and FIM systems.  The scope of the vulnerability management process includes: data, application, and infrastructure vulnerabilities and will be facilitated by a combination of manual processes and vulnerability management tools (listed below).  The second aspect is to ensure that such vulnerabilities are prioritized and remediated by the appropriate operations team.  This objective will require heavy cross-functional interaction to clearly communicate vulnerability risk posture with all operations and software development teams.  The candidate will be required to create vulnerability management reports on a regular basis and present the information to multiple types of audiences. The final aspect of this role requires mid-level knowledge for monitoring security by analysing IPS reports, Firewall logs, vulnerability alert systems and operating systems, database, and application frameworks patch levels. Traveling required.

DUTIES AND RESPONSIBILITIES:      

- Support the Threat and Vulnerability Management Program
- Support of Incident Response Process, Risk Assessments
- Support of Payment Card Industry (PCI) compliance and other enterprise security initiatives
- Participate in team projects and assignments
- Responsible for reading and following Department's Procedures and Policies
- Responsible for understanding and enforcing the Department's Policies and Procedures
- Responsible for documenting solutions to Technology issues
- Perform other related duties as assigned

KNOWLEDGE, SKILLS, AND ABILITIES:
The ideal candidate should possess the following:

SKILLS AND EXPERIENCE MATRIX:

A = Candidate must have these attributes

B = Management strongly desires that the candidate have these attributes

C = Management desires the candidate to have these attributes

SKILLS NEEDED

B - Working level knowledge of  File Integrity Monitoring  tools like Tripwire

B - Working level knowledge using Log Management Tools similar to IBM QRadar

B - Working level knowledge using Security Information and Event Management Tools like IBM QRadar

B - Working level knowledge using Network Vulnerability Assessment tools like eEye Retina

B - Working level knowledge using Application Vulnerability Assessment tools like BurpSuite or similar tool set.

B - Working level knowledge using Database Vulnerability Assessment tools like  AppDectective

B - Working level knowledge of Windows and UNIX/Linux server operating systems

C - Experience with penetration testing tools like MetaSploit

B - Experience with process life cycle of the creation, management and compliance of security policies, procedures, standards and guidelines

B - Experience with the processes of identifying appropriate controls to comply with security policies and regulations

A - Experience producing threat and compliance reports for a wide variety of audiences (technical and non-technical)

A - Excellent communication and analytical skills

A - Must work well with others as part of larger team and be able to collaborate on cross functional teams

A - Must be available and willing to work extended and/or alternative hours as needed for issue resolutions, roll-outs, system upgrades, etc.

A - Able to work independently toward goals set at a higher level 

DIMENSIONS:

A - 3 years of Information Security experience or related field

B - 2 years of experience in the areas of compliance, auditing, risk assessment, and vulnerability mitigation and remediation.

B - Knowledge of security best practices (eg, NIST series); Industry security standards (eg, PCI-DSS or HIPPA)

A - Bachelor's degree in Computer Science/Computer Information Systems or related field or equivalent experience.

B - CISSP certification or in the process of attaining

Must be a team player.

Performs other duties as assigned