Information Security Analyst III - SIEM Specialist
The Information Security Analyst III position develops the cyber security toolset and the detection, prevention, and response capabilities to expand the information security tactics and strategy. The analyst will engage in many facets of the information security program while providing guidance and functioning as an experienced resource to junior analysts.
Essential Duties and Responsibilities:
Protects the confidentiality, integrity and availability of critical data, systems, and services
Safeguard information system assets by identifying and solving potential and actual security and risk concerns
Protects systems by defining role and attribute-based access privileges, control structures, and resources
Categorizes risks and threats by identifying abnormalities and reporting violations
Implements security improvements by assessing the situation, evaluating trends, and anticipating requirements
Determines security violations and inefficiencies by conducting periodic audits
Monitors, investigates, and responds to security alerts
Upgrades cyber security program and capabilities by implementing and maintaining security controls
Prepares performance and stability reports to communicate system status to users and management
Maintains quality of service by following organization standards, guidelines, and procedures
Maintains information security documentation and standard operating procedures
Maintains technical knowledge by attending educational workshops, achieving certifications, and subscribing to relevant publications
Perform and track vulnerability assessments and facilitate remediation efforts
Assist in various security projects
Review and perform daily security system health checks and correct deficiencies
Provides documentation and evidence to respond to audits
Answer security related helpdesk requests and approvals
Maintain an up-to-date application inventory
Provides on-call support as needed
Contributes to team objectives
Understanding of common networking ports and protocols
Experience and Education:
Bachelor’s degree in Information Security, Information Systems, Computer Science, or equivalent work experience
5+ years of prior relevant experience
CompTIA Security+ (or equivalent)
Certified Information Systems Security Professional (CISSP) Preferred
Azure Security Engineering Associate or equivalent experience
AWS Security Specialty Certification or equivalent experience
Cloud analytic security tools
CIS 2.0 security and NIST 800-53 framework controls
FFIEC Cyber Assessment Tool (CAT)
SOC I, SOX, GLBA, and FFIEC regulatory compliance
Skills and Abilities Required:
Ability to function with limited supervision
Provides support to junior associates
Strong interpersonal skills.
Quality written and oral communication, and presentation skills.
Critical thinking and problem-solving skills.
Attention to detail.
Commitment to operational excellence and continuous process improvement.
Willingness to expand and apply security knowledge, skills, and abilities to department initiatives.
Strategic project management and oversight of milestones and deliverables.
Network security concepts
Information security policy
On-call network troubleshooting
Intrusion Detection and Prevention systems (IDS/IPS)
Data Loss Prevention (DLP)
Virtual Private Networks (VPN)
Multi-Factor Authentication (MFA)
Endpoint Detection and Response (EDR)
Mobile Device Management (MDM)
Identity Access Management and Privileged Access Management (IAM and PAM)
Role and attribute-based access controls (RBAC and ABAC)
TLS and certificate management
Security Information and Event Monitoring Tools (SIEM)
Foundational routing, switching, segmentation
E-mail filtering, phishing, SMTP header analysis
Wireless technology and security
Threat management and response