AVP – Information Security Analyst

Role

• Act as a risk manager with the responsibility for identifying, acting on and escalating risks and is held strictly accountable for the failure to discharge their information security duties.

• The employee shall also be responsible for demonstrating risk awareness by following all security policies, procedures and internal controls in the daily routine.

• The Security Analyst will ensure that policy and compliance documentation, requirements and controls are properly and timely identified, mapped, tracked, reviewed, and reported for the organization to increase security posture.

• Work closely with other members of the Security Team and IT Infrastructure Teams to manage and support security administration tasks and security projects.

• Scanning for vulnerabilities and baseline configuration compliance

• Monitoring new and existing vulnerabilities and working with IT and users to remediate

• Daily, Weekly, Monthly, reporting – reviewing results of reports and presenting to IT to remediate issues

• Network monitoring – Monitoring assets connected to the network scanning for assets

• Daily monitoring of system events for malicious activity

• Tufin – Firewall rule review and approval

• AlienVault – SIEM – System event monitoring and analysis with follow up if issue is detected

• Tipping Point – IPS – Monitoring network for signs of malicious activity or exploitation

• Trellix EPO + TMS – Daily monitoring of Data Loss Prevention tools

• Manage phishing campaigns, create email templates, perform testing, analyze results, and write report

• Spirion – Create scans to monitor files containing PII and ensure they are destroyed in accordance with data retention policy

• Chair weekly IT meeting to discuss vulnerabilities, patching, and alarms generated by IS tools

• Threat Intelligence – Monitor Qualys Threat Protection Feed and CISA emails for relevant information to protect the network