IT Security Analyst Job Description
IT Security Analyst Duties & Responsibilities
To write an effective IT security analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included IT security analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
IT Security Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for IT Security Analyst
List any licenses or certifications required by the position: CISSP, CISA, CEH, CISM, SSCP, ITIL, PKI, ISO27002, OSCP, FITSP
Education for IT Security Analyst
Typically a job would require a certain level of education.
Employers hiring for the IT security analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and University Degree in Computer Science, Information Systems, Information Technology, Education, Technical, Engineering, Information Security, Business, Administration, Management Information Systems
Skills for IT Security Analyst
Desired skills for IT security analyst include:
Desired experience for IT security analyst includes:
IT Security Analyst Examples
IT Security Analyst Job Description
- Maintain NTFS permissions on Windows file servers
- Create, administer and maintain Windows Active Directory, Vintela and Unix enabled AD users & groups
- Participating in and ensuring IT audits are completed in a timely manner
- Managing the process of gathering, analyzing and assessing the current and future threat landscape
- Conducting internal and external monthly vulnerability scanning/work with internal and external teams to remediate findings
- Consulting with IT staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software
- Participating in Incident Management and working collaboratively with Risk, Audit and Legal teams
- Providing company-wide security alerts to known vulnerabilities
- Managing outsourced vendors that provide information security functions for compliance with contracted service-level agreements
- Managing the day-to-day activities of threat and vulnerability management, identifying risk tolerances, recommending treatment plans and communicating information about residual risk
- Certifications and/or experience in computer networking strongly preferred
- 3+ years working with database and database tools such as MS-SQL/Oracle/DB2 and Sybase
- Minimum three years of security monitoring experience and incident response activities
- Previous experience with Web application vulnerability assessment and management
- In a number of areas
- SIEM systems
IT Security Analyst Job Description
- Work with different technical monitoring, scanning, and remediation tools such as App Scan, Web Inspect, Internet Scanner, Nessus, Nmap
- Ensure in various engagement the Compliance requirements are met
- Analyze the results of various security scans, process appraisals and other improvement efforts
- To create actionable reports, document and track action plans in support of security improvement efforts
- Receive and incorporate commitments from asset owners and responsible parties
- Collect, compile and analyze asset information from multiple systems
- Identify and assess new assets or changes to assets based on established change criteria and ensure asset profile information is up-to-date
- Direct the development and/or maintenance of asset baselines and dependencies
- Obtain approval for security changes in the Unix environment
- Ensure only authorised access to systems has been adhered to by investigating improper access
- Diploma in Computer technology or IT
- Typically has 4 to 6 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, database design and administration
- Must have extensive knowledge in networking, databases, systems and/or Web operations
- Experienced in security administration, management of security projects and complicated security issues
- 5+ years of IT work experience with a broad range of exposure to Network, Systems, Application Support, and/or Database Administration
- Exemplary knowledge of Financial Systems
IT Security Analyst Job Description
- Provide recommendations for improved operational and Security Team efficiencies
- Responsible for setting up Security alerts, monitoring, remediation and recommendations for continued improvement
- Develop and establish positive working relationships with both IT and key business users
- Provide IT Security Policy, Standards & Procedure advice and assurance to business users
- Assist and help co-ordinate both Internal and External audit activities
- Complete IT Security Questionnaires and support of Bids/RFI’s
- Daily/Weekly Change Advisory Board attendance on behalf of IT Security Team
- Monitor, action Security Incidents, Service & Change Requests via the IT Supportworks application
- Ensure adherence to both the Group & CAS IT Security Policies and Standards
- Assist with Cloud Security Reviews across the division
- Experience with case management and incident response
- Must be motivated, and able to work independently part of a team
- Can work independently be an engaging member of a team
- Experience in securing an application’s integration with relational database management systems such as Oracle, MS SQL Server
- BA/BS degree in Computer Science or relevant experience required
- Possess ability to influence others
IT Security Analyst Job Description
- Collaborate with stakeholders and draft new or changed policy documents in line with industry frameworks (ISO, NIST, ISF, OWASP, ) and other client policies
- May be assigned other position related duties
- Analyzes, develops specs, and recommends College security best practices and participates in security standards planning and documentation
- Works with key IT offices, FMIS, HPLAN Account Management, ERP System Administration, data custodians and governance groups in development of such policies
- Maintains and oversees the configuring, restructuring, troubleshooting and capacity analysis of ERP/databases permissions, access logs, changes, updates and upgrade documentation
- Key member of the Data Standards and Security Committee (identifies personally identifiable information, classes information into public, private and confidential
- Provides user security training to College employees on the best data security practices
- Develop and implement security solutions to monitor systems for violations, outbreaks, breaches
- Monitor and oversee alerting systems/services for early warnings of outbreaks or attacks
- Work with other IT personnel to maintain a strong IT security posture
- Ability to manage demands of internal and external customers through phone, email and process requests
- Ability to team with other groups to influence the collection of information required to generate a response
- The job requires the ability to make judgments based on practice and past precedence
- The job requires the ability to evaluate complex situations and novel situations using multiple sources of information
- Awareness of nuclear energy industry trends, opportunities and challenges
- Strong technical consulting experience
IT Security Analyst Job Description
- Assist with security standards compliance metrics and reporting and provide reliable and regular updates while highlighting key issues
- Leverage the mobile device management (MDM) platform to securely deliver updates and applications to mobile devices
- Duties will include Device Testing, End User Troubleshooting , and application support/device policy creation
- Respond to and resolve support tickets / calls for mobile device issues
- Creation/updating support documentation and procedures as needed for mobile device deployment and support
- Ability to take ownership of new mobile technology solutions and perform Proof of Concept (POC)
- Participation in Cybersecurity operations on-call program
- Manage projects to keep them on time and under cost
- Participate in internal/external investigations that extend across multiple teams including Global Business Conduct and employee investigations
- Understand and appropriately use development skills to automate processes when appropriate
- Security or audit-related certifications a plus
- Experience with SIEM and Log Management tools (ArcSight, Splunk, QRadar)
- Vulnerability Scanning and Management Software (Nessus, Qualys, Rapid7)
- Ability to clearly explain technical concepts in business terms
- TCP/IP and VPN technologies
- Experience with IDS/IPS technologies