Long Island City, NY 11101
The IT Security Analyst participates in the identification, tracking, and monitoring of information security threats and service operations. The analyst uses established processes and tools to focus on threat identification, analysis, and remediation, and supports the processes for technical risk management to protect information assets.
- Assists in the design, development, and implementation of security tools.
- Assists in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures, and use of firewalls and encryption routines).
- Administration and daily operation of SIEM technologies, including rule creation, reporting, correlation, and performance monitoring.
- Assists with security-related software and firmware (e.g., endpoint, vulnerability scanners, firewalls, IPS/IDS, DNS, proxy, etc.) to maintain security and service continuity.
- Enforces security policies and procedures by administering and monitoring security profiles; reviews security violation reports and investigates possible security exceptions; updates, maintains, and documents security controls.
- Assists with investigations of security events (e.g., unauthorized access, non-compliance with company policies, fraud, service exploitation, etc.) to determine malfunctions, breaches, and remediation steps.
- Responds to service issues, problems, and critical situations to support resolution and minimize downtime.
- Prepares status reports on security matters to develop security risk analysis scenarios and response procedures.
- Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness.
- Other duties as assigned.
Minimum Experience and Qualifications
- Bachelor's in Computer Science
- Three (3) years information technology experience
- Three (3) years information security experience
- Demonstrates fundamental understanding of system and network security principles and technology:
- Demonstrates fundamental understanding of networking: TCP/IP and other protocols, and common network device functions, such as routers, switches, hubs, etc.
- Demonstrates fundamental understanding of common security device functions, such as IDS/IPS, Network and Host-based firewalls, DLP (Data Leakage Protection), encryption, endpoint
- Demonstrates understanding of log file analysis and correlation
- Demonstrates understanding of relevant terminology, such as: threat, vulnerability, risk, asset, exposure, safeguards, etc.
- Demonstrates fundamental understanding of risk, IT and security controls, compliance, authentication, authorization, and accountability.
- Demonstrates fundamental understanding of SIEM technologies, including administration and analyst operation of SIEM within SOC functionality
- Must pass a ten (10) year background check and pre-employment drug test
- Must be legally eligible to work in the country in which the position is located
Preferred Experience and Qualifications
- Able to work collaboratively during an incident arising from possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, worms, Trojans, viruses, etc.
- Willingness and aptitude to develop in-depth knowledge of network and endpoint security technologies and products (such as firewalls, Network IDS, scanners) and continuously improve these skills.
- Able to articulate technical processes, both orally and in writing, to different audiences and at varying levels of complexity.