Senior Analyst, Info Security Job Description
Senior Analyst, Info Security Duties & Responsibilities
To write an effective senior analyst, info security job description, begin by listing detailed duties, responsibilities and expectations. We have included senior analyst, info security job description templates that you can modify and use.
Sample responsibilities for this position include:
Senior Analyst, Info Security Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Senior Analyst, Info Security
List any licenses or certifications required by the position: SSL, CSSP, IAT, II, IAM
Education for Senior Analyst, Info Security
Typically a job would require a certain level of education.
Employers hiring for the senior analyst, info security job most commonly prefer that their future employee have a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Technical, Education, Information Security, Information Systems, Science, Engineering, Information Technology, Technology, Financial Services.
Skills for Senior Analyst, Info Security
Desired skills for senior analyst, info security include:
Desired experience for senior analyst, info security includes:
Senior Analyst, Info Security Examples
Senior Analyst, Info Security Job Description
- Act as an escalation point for junior analysts
- Perform in-depth analysis and end-to-end investigations, from detection to remediation
- Conduct incident response activities such as host triage, malware analysis, remote system analysis, end-user interviews, remediation efforts, and compile detailed investigation reports
- Act as scribe during critical incidents
- Develop new SIEM use cases and provide feedback on existing ones
- Collaborate with cross-functional business units to advance security operations goals
- Collects, analyses, and enriches event information and performs threat or target analysis duties
- Interprets, analyses, and reports all events and anomalies in accordance with Computer Network Directives, including initiating, responding, and reporting discovered events
- Providing reporting and metrics around security monitoring by designing dashboards for asset owners and management consumption
- Develops focused reporting and briefings for advanced cyber threats and activity to various teams and leaders
- Identify new innovative ways to implement business requirements within the GRC system
- Mentor other team members to streamline software development lifecycle processes for development of the GRC system
- Ensures that IA and IA-enabled software, hardware, and firmware are in compliance with the appropriate Marine Corps AO-approved security configurations
- Coordinates security procedures with the ISSM, initiates investigative procedures for security events, and implements protective or corrective measures when an IA incident or vulnerability is discovered
- Ensures that Marine Corps ESS Information System back-up and recovery processes are tested (initially and annually thereafter)
- Coordinates local system security with local security policies and procedures as required to comply with DoD, DON, and Marine Corps IA policies and directives
Senior Analyst, Info Security Job Description
- Experience in incident response, forensics and evidence preservation
- Work experience and industry certifications on networking, servers and security
- Plans, reviews, and performs (as needed) Sarbanes-Oxley (SOX) controls monitoring around complex customer-facing systems, internal financial systems using the ServiceNow GRC platform
- Defines and coordinates review controls (user access review, roles reviews) with the applicable business stakeholders
- Educates IT leaders and staff in compliant IT processes and controls
- Partners with the SAP implementation and support teams to ensure strong internal controls for new systems
- Develops solutions to problems identified during audits, and translates these solutions into practical recommendations
- Reviews vendor contracts and SOC reports and evaluates the results within the reports and impact on the company’s controls
- Supports business mitigation activity for SAP GRC segregation of duties rules
- Assists with the development and coordination of all Information Technology policies and procedures
- MS Server, Windows, CCNA and/or VMware VCP certifications are strongly desired
- Relies on extensive experience and judgment to plan and accomplish goals performing a variety of tasks
- Understanding of IT risk management and Information Assurance concepts and their practical application, ideally in a financial services company
- Conducting analytical risk management activities related to the global enterprise IT and I.S
- 1 year Discovery, Configuration Management on the ServiceNow platform
- Working knowledge of CMDB classes in ServiceNow and how they relate to corresponding asset classes
Senior Analyst, Info Security Job Description
- Continuously develop your technical skills
- Perform asset risk assessments and controls testing in support of compliance
- Provide subject-matter expertise in information security risk and controls
- Demonstrate strong knowledge in IT controls, risk assessments, and the design and testing of security measures
- Be a thought leader in information security and align with business objectives of the company
- Identify opportunities to continuously innovate and improve the value the program delivers to the organization
- Operational review and approval of security access
- Executes system vulnerability scanning, remediation process oversight including reporting and governance oversight
- Periodically investigates and recommends appropriate corrective actions for information security incidents
- Acts as a liaison to the product groups and assists them in the implementation of security technologies and application security
- Bachelor's degree in Computer Science, Audit, Networking or other computer-related field of study
- 5-8 years of working experience in information security, IT audit, risk management or other related fields
- Security certifications preferred, or able to complete certification within 12 months of hire (CISA, CISSP or other industry recognized certification as agreed upon by InfoSec Leadership)
- Experience leading and/or coordinating projects
- Special consideration for experience with Mainframe and Cloud environments
- Working knowledge of ISO 27001/27002 and NIST security standards
Senior Analyst, Info Security Job Description
- Identify security issues for remediation and assist with implementation of counter-measures or mitigating controls
- Analyze network devices and operating systems (Microsoft, Linux) for compliance with DISA STIG (Security Technical Implementation Guide) requirements
- Conduct monthly scans of networks and applications to validate network devices and systems
- Generate and review RMF authorization package artifacts in accordance with DoD 8510.01 and NIST 800-53R4
- Occasionally travel in support of network events
- Assessing/analyzing infrastructure privileged access information (user information, accounts, permissions, connectivity tools, servers)
- Gathering and documenting the usage of these privileged accounts from the users
- Providing the documented information to the solutioning team
- Act as the point of contact for the project team for obtaining any information from the end-users that pertain to solutioning or other project activities
- Operate the Bank's enterprise log platform, ensuring that key platform and application security logs are onboarded, normalized to the data model, and flowing at optimal health
- Develop and enhance DLP policy to identify and appropriately protect data while in use, in motion, and at rest
- Assist in maintaining all DLP related documentation
- Continuously propose configuration and tuning opportunities of DLP systems, policies and response rules
- Develop workflows for incident and alert generation for policy violations
- Assist in providing best practice solutions for data protection
- Identify gaps in procedures, be willing to communicate them to the team and the business, and suggest improvements
Senior Analyst, Info Security Job Description
- Completes weekly and monthly report requirements
- May be assigned as the Information Assurance (IA) / Quality Assurance (QA) team lead
- May be assigned as the organization Information System Security Officer (ISSO)
- Appointed in writing by the Enterprise Information System Security Manager (ISSM) as the Information System Security Officer (ISSO) for the CE control system Community of Interest Network Enclave (COINE)
- Responsible for creating and maintaining a complete and accurate inventory of FRCS and components
- Assist CES personnel with security control implementation and assessment of FRCS
- Register systems in Enterprise Mission Assurance Support Service (eMASS) with all necessary artifacts to attain Authority to Operate (ATO)
- Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analysis of relevant event detail and summary information
- Ensure the safety of information systems assets and protect systems from intentional or inadvertent access or destruction
- Perform Computer Security Incident Response activities, coordinate with AFCEC to record and report incidents
- Broad range of technical expertise and exposure to multiple technology platforms and security technologies
- Development or system admin background
- Experience in a cloud environment (AWS, Azure, Google)
- A strong desire to experiment and learn
- Expert-level, demonstrable understanding of Splunk technologies, including Core, Enterprise Security, User Behavior Analytics (UBA) and the Machine Learning Toolkit (Splunk ML), Advanced Threat Analytics
- Demonstrable experience with SPL creation, Splunk knowledge object management, Splunkbase, TAs, Dashboard Design