An IT Security Analyst is a vital part of an organization’s mission to protect its information assets.
The role is to monitor, analyze, test, and maintain security technologies and processes in support of the achievement of regulatory and security requirements.
As part of this work, it is important the Analyst have a working knowledge of the organization’s information architecture and business processes.
The IT Security Analyst works collaboratively with all departments in problem solving issues related to security configurations and processes.
Strong communications skills and a high level of values are essential for this role.
DUTIES AND RESPONSIBILITIES:
- Monitors organization’s networks for security breaches and investigates a violation when one occurs.
- Installs, utilizes and maintains software, such as SIEMs, DLP, firewalls and data encryption programs, to protect sensitive information.
- Prepares reports that document security breaches and the extent of the damage caused by the breaches.
- Researches the latest information technology (IT) security trends.
- Helps plan and carries out an organization’s way of handling security.
- Develops security standards and best practices for their organization.
- Recommends security enhancements to management or senior IT staff.
- Defines, implements and maintains corporate security policies.
- Conducts internal and external security audits.
- Protects digital files and information systems against unauthorized access, modification or destruction.
- Works with vendors to promote optimal functionality, including documentation, analyzing change requests, and upgrades to ensure that the most current versions are available.
- Advises team leadership on all aspects of planning and successful approaches to meeting project plan and goals.
- Follows established departmental policies, procedures, and technical standards.
- Works extended and non-standard hours as necessary to support security maintenance and implementation. Takes “on-call” rotation to provide twenty-four hour support when appropriate
- Is responsible for attending all annual mandatory educational programs as required by position.
- Associate’s Degree in Information Systems or related field required. Candidates with security relevant certifications (SANS, ISACA, ISC2) preferred.
- Minimum of five years’ work experience in Information Security as a Network Engineer or equivalent role.
- Experience with SIEM, IDPS, DLP is strongly desired.