Analyst, IT Security Job Description
Analyst, IT Security Duties & Responsibilities
To write an effective analyst, IT security job description, begin by listing detailed duties, responsibilities and expectations. We have included analyst, IT security job description templates that you can modify and use.
Sample responsibilities for this position include:
Analyst, IT Security Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Analyst, IT Security
List any licenses or certifications required by the position: CISSP, CISA, CEH, CISM, SSCP, ITIL, PKI, ISO27002, OSCP, FITSP
Education for Analyst, IT Security
Typically a job would require a certain level of education.
Employers hiring for the analyst, IT security job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and University Degree in Computer Science, Information Systems, Information Technology, Education, Technical, Engineering, Information Security, Business, Administration, Management Information Systems
Skills for Analyst, IT Security
Desired skills for analyst, IT security include:
Desired experience for analyst, IT security includes:
Analyst, IT Security Examples
Analyst, IT Security Job Description
- Lead / assist in implementing Information Security Architecture as defined by the Information Security team, by working with these groups as new and upgraded systems are implemented, beginning with development and continuing through deployment
- Monitor and enforce the effectiveness of Enterprise wide information security program and policies
- Track and maintain operational security metrics
- Establish monitoring measures to detect and ensure correction of security breaches and policy violation
- Consult with Security Governance staff and IT Staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software
- Provide regular reports on security incidents, service levels and project status
- Assess and report on threats, vulnerabilities and residual risk
- Work with the enterprise architecture team and Security Governance to ensure that compliance is built into systems architecture and to identify, evaluate and select security solutions to meet security and compliance needs
- Support escalated security investigations and ensure proper coordination within and outside of the company
- Participate in information security incident & event investigations, including collaboration with IT management, legal department and law enforcement agencies
- 2-3 years penetration testing experience strongly preferred
- 3-4 years of hands-on development and delivery of digital security required
- Expert knowledge of IT security technologies
- Strong knowledge of Active Directory and Windows Server as it relates to IT Security
- Demonstrated proficiency in applying HIPAA security rules and National Institute of Standards and Technology (NIST) standards
- Experience with Guardium Database Product Suite a significant asset
Analyst, IT Security Job Description
- Conduct dynamic analysis on malware to determine the malware’s nature and capabilities indicators of compromise associated with the malware
- Ability to work independently without supervision and as part of a team
- Identifies and gathers data needed to meet the requirements of Audit reporting
- Reviews virus protection logs
- Ensure support for McAfee Anti Virus Solution, IDS/IPS solution, Data Loss Prevention
- Ensure support for McAfee Endpoind Encryption and BitLocker
- Be involved in discovering virus outbreaks and working with different IT Teams and our AV vendor to handle the outbreak, clean and doing the root cause analysis
- Monitor and analyze security events, make a risk assignment and response and solve this events in conjunction with global, regional and local IT teams
- Perform security assessments at the network and application layer and you will participate in the development of processes and requirements for systems prior to their acceptance into production
- Manage different IT security incidents and you will provide IT Security engineering and integration services to internal customers
- Professional designation such as CISA, CISSP, CISM, CRISC
- A first academic degree or equivalent qualification Methodical & analytical
- Good knowledge of information security principles and practices
- 2-4 years experience in information technology and security domain
- Strong interest in IT security with knowledge of cyber defence technologies and strategies
- Preferred certifications include CISSP, CISM, and/or CISA
Analyst, IT Security Job Description
- Assesses present cybersecurity related technical controls and recommends additions or modifications where appropriate to increase defensive posture
- Understand the business, design and execute audit programs, execute testing, analyze findings, report writing and presentation to the business, participating in corrective action planning, and tracking issues through remediation with the business owners
- Managing intake and vetting process for customer requested scan jobs
- Update, maintain and document security controls
- Configure monitoring alerts and reports
- Plays an advisory role in application development or acquisition projects to assess security requirements and controls and to ensure that security controls are implemented as planned
- Drafts IT general controls, information security and risk management policies, procedures and standards to support company objectives
- Responds to and reports on IT security incidents of routine to moderate complexity, providing initial assessment of impact severity and types of incidents being addressed
- Provide backup for Vulnerability Scanning programme, installs, upgrades, patching, scans, reporting/MI, remediation tracking and recommendations to improve the service
- Technical lead of forensic security investigations
- Available to travel up to 50% - travel is sporadic but can be extensive at times
- Meet our core Firm hiring criteria including passing a criminal background check, education and certification verification, references and employment history verification
- The position is located in Atlanta, GA and Farmington Hills, MI - relocation not provided
- Must be authorized to work in the USA without sponsorship
- Enhance the monitoring and the response to various flagged security incidents
- IDERA DB Monitoring
Analyst, IT Security Job Description
- Help plan the rollout & ongoing Management of SIEM tool, integration of systems, real-time proactive management of alerts
- Third Party Compliance and Security Review - The Security Analyst will review documentation such as SSAE 16 or SOC II Reports, along with vendor contracts to ensure that the vendors use best practice and acceptable security measures
- Provide 1st and 2nd level incident support
- Provide post mortems for incidents
- Assists in the coordination and development of BCCC’s information security policies, standards, and procedures
- Ensures College policies support compliance with external compliance
- Reviews security technical literature and attends workshops, seminars, and training classes to remain updated on the latest developments in information technology security
- Performs security risk assessments and analysis
- May recommend for enhancing data systems security
- May assist in the formulation of security policies and procedures
- Knowledge of emerging trends in IT, and how they relate to IT security, cloud computing, mobile computing, virtualization, PCI and SOC compliance
- Ability to perform network based forensics and log analysis
- Requires strong analytical and communication skills and the ability to work effectively with clients and IT management staff
- 4 year degree plus 5-8 years advanced information security experience
- Requires strong knowledge of control frameworks, Information Security compliance requirements to numerous legislative and industry standards such as SOX 404, SANS 20 CSC, UCF, ISO 27001 / 27001, PCI-DSS, HIPAA, NIST, MA 201 CMR 17.00
- Ability to provide 24x7 system support (on-call)
Analyst, IT Security Job Description
- Assist in the implementation of the overall security strategy, policies, and procedures
- Assist in performing risk assessments and related impact analysis
- Participate in incident response procedures and activities as needed
- Assist with coordination of Disaster Recovery planning and exercises
- Assist with vulnerability management and patching programs
- Assist with the design and implementation of security awareness materials and information security training
- Assist in identifying and selecting independent 3rd party vendors for and managing penetration testing and audit projects
- Develop training presentations to accompany new policy implementation
- Assist with documentation of standards and conventions as the Client implements access attestations and role-based access
- Provide consultancy on vendor risk assessments and advise on the implementation of security controls
- Working knowledge of Southern Nuclear’s control system environment and cyber security framework preferred
- Knowledge of Southern Nuclear’s environment and operations preferred
- Bachelor's degree in IT security or related field
- Ability to perform both host-based and network-based forensics and log analysis
- Willingness to serve as a member of a Incident Response Team (IRT) and respond to emergency calls during non-business hours, as needed
- One to three years of related experience in IT Security, IT Infrastructure, or IT Audit