Allied Universal is hiring for a Senior Cyber Security Analyst. This position is responsible for providing deep expertise in the monitoring and protection of our computing infrastructure from security threats. To do well in this role, an individual should have experience in large cybersecurity programs. A Bachelor's degree in computer science or similar field and certifications in cybersecurity disciplines are highly desirable.
ESSENTIAL JOB DUTIES AND RESPONSIBILITIES:
Duties necessary to meet the minimum requirements of the position. Other duties may be assigned as required:
- Protect digital files and information systems against unauthorized access, modification or destruction.
- Document security breaches and assess the damage they cause.
- Monitor computer networks for anomalies and security risks.
- Develop and document company-wide best practices for IT security.
- Plan, implement, and upgrade security measures and controls.
- Install security controls to protect systems and information infrastructure, including firewalls and data encryption programs.
- Investigate security breaches and other cybersecurity incidents.
- Remediate detected security vulnerabilities to maintain a high-security standard.
- Research security enhancements and make recommendations to management.
- Stay up-to-date on cybersecurity technology trends and security standards.
- Conduct internal and external security audits.
- Manage network, intrusion detection and prevention systems.
- Assist with the definition, implementation, and maintenance of security policies.
- Provide security awareness training.
- Coordinate security plans/projects with outside vendors.
- Prepare reports, presentations, and security briefings for the leadership team or other relevant groups and organizations.
- Publish white-papers, blog entries, participate in webinars, and other similar activities to share best practices and exhibit industry thought leadership.
- Collaborate with other groups and stakeholders within the enterprise to ensure cybersecurity awareness and training is always a corporate priority.
- Research the latest attack tactics, techniques, and procedures (TTPs) used by threat actors.
- Collection and analysis of security metrics provided by security tools and controls.
- Maintain and enhance the security metrics dashboard.
- Update security controls with the latest intelligence information provided by public and private sources.
- Mentor Security Analyst I employees.
- Meet requirements to keep security certifications current.
- Occasional overnight travel as required.
To perform this job successfully, an individual must be able to perform cybersecurity duties to an acceptable standard. The requirements below are representative of the knowledge, skills, and/or experience required. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.
Key technical skills include but are not limited to:
Education and Experience Preferences:
- Excellent oral and written communication skills. Ability to explain complex technical details to individuals or groups lacking deep technical knowledge of the topic.
- Competence in the use of common enterprise software such as word processors, spreadsheets, project management, and presentation applications.
- Excellent presentation skills.
- Strong analytical skills with the ability to analyze computer systems, assess any potential risks, and consider possible solutions.
- Ability to anticipate cyberattacks, always thinking one step ahead of a cyberthreat.
- Ability to think and act clearly during times of stress.
- Knowledge of networking fundamentals including the OSI network model, networking protocols such as TCP/IP, UDP, SMB/CIFS, SIP, etc., and network routing and switching.
- Knowledge of Microsoft Windows operating systems including its security subsystems. Expertise in Active Directory is a plus.
- Familiarity with UNIX/Linux operating systems.
- Experience with computer network penetration testing and techniques.
- Ability to perform systematic troubleshooting steps to identify root causes of problems.
- Ability to install, maintain, monitor, and update security software on endpoints and servers.
- Ability to analyze large amounts of disparate data from log files and other sources to identify patterns of behavior to identify security risks, anomalies, or malicious behavior.
- Familiarity with Cloud computing fundamentals and the security implications of the platform.
- Monitor and respond to threat alerts from multiple security controls and the Security Information Event Management (SIEM) system.
- Familiarity with risk management practices, the CIS-20 and NIST Cybersecurity frameworks.
- Familiarity with programming and scripting languages such as Python, PowerShell, JavaScript, bash scripting, etc.
- Deep understanding of digital forensic processes and chain-of-custody principles.
- Familiarity with the MITRE attack lifecycle and security framework.
- Occasional overnight travel as required.
- Bachelor's degree in computer science or related field. Master's degree is a plus.
- 5+ years experience in information security.
- Certified Information Systems Security Professional (CISSP) certification.
- Certification in digital forensics.
- Vendor certifications from companies such as Microsoft, Cisco, Amazon, etc.
The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. This is not intended to be an exhaustive list of all responsibilities, duties and skills required of personnel so classified. Other duties and responsibilities may be assigned, with or without notice.
Posting ID: 556731378
Posted: 2020-05-22