Senior Info Security Analyst Job Description
Senior Info Security Analyst Duties & Responsibilities
To write an effective senior info security analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included senior info security analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Senior Info Security Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Senior Info Security Analyst
List any licenses or certifications required by the position: SSL, CSSP, IAT, II, IAM
Education for Senior Info Security Analyst
Typically a job would require a certain level of education.
Employers hiring for the senior info security analyst job most commonly prefer that their future employee have a relevant degree, such as Bachelor's and Master's Degree in Computer Science, Technical, Education, Information Security, Information Systems, Science, Engineering, Information Technology, Technology, Financial Services.
Skills for Senior Info Security Analyst
Desired skills for senior info security analyst include:
Desired experience for senior info security analyst includes:
Senior Info Security Analyst Examples
Senior Info Security Analyst Job Description
- Knowledgeable in firewall technology, IDS/IPS technology
- Create TTPs, AARs, and ability to do deep dive investigations on complex incidents
- Improving the service level for security operations and monitoring
- Act as Subject Matter Experts for analysis functions, providing support on more involved cases and guiding the activity of other analysts through collaboration; act as the lead coordinator for HP’s response to individual information security incidents
- Act as SME and trainer to T2 and T1 personnel as needed; mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks in support of technologies managed by the Security Operations Center
- Run audits on Vulnerability Management tools to assess potential vulnerabilities on network and vendor hosts and websites
- BS degree in computing / information systems
- Experience in firewall and IDS/IPS technologies
- Skills in web technologies (scripting, SSL, HTTP/S) and their security requirements
- Experience in SQL query and manipulation
- Coordinates with local technicians and PMO staff to develop, refine, and test the local IA Contingency Plan and Disaster Recovery Plan, which are part of the overall Continuity of Operations Plan (COOP), to ensure confidentiality, integrity, availability, and recoverability of critical ISs and data is maintained during and after a disaster
- Applies technical skills and experience in managing selected Windows and Linux servers and numerous workstations supporting a group of physical security specialists
- Develops customized solutions to customer/user problems
- Establishes system parameters and formats, ensures hardware and software compatibility, and coordinates and/or modifies user requirements in terms of existing and projected computer capacity and capabilities
- Performs audits as directed by the Information Systems Security Manager (ISSM)
- Must have at least six (6) years troubleshooting network access problems and implementing network security policies and procedures
Senior Info Security Analyst Job Description
- Completes other duties as needed to monitor and confirm compliance with other compliance requirements, such as NIST, ITAR, ISO
- BS degree in computing / information systems / or in related field
- 5+ years of experience in the information security or network security industry
- Experience with incident response, forensics and evidence preservation a plus
- Excellent writing and communication skills; ability to communicate technical security requirements to business units, create strategy, and implement security plans
- Performs vulnerability and compliance scans using approved security tools
- Gathers and organizes technical information about an organization’s mission goals and needs, IT infrastructure and existing security/IA products
- Responsibilities include working with the customer to minimize risks and assess and secure networks
- Conduct in-depth process and technical assessments of top risks identified by Info Security leadership
- Advise on actions to reduce information security risks
- Strong knowledge of current identity management threats, techniques, and landscape; dedicated and self-driven desire to research the current information security landscape
- Solid conceptual understanding of ServiceNow’s agentless Discovery including the phases of Discovery, probes and sensors, device classification, device identification, credential affinities, schedules, and troubleshooting
- Experience with BDNA normalization or similar tool
- Solid understanding of IT operations, such as help desk, end-point management, and server management
- Strong understanding of security operations concepts, such as perimeter defence, BYOD management, data loss protection, insider threat, adversary lifecycle analysis, risk assessment, and security metrics
- Clear understanding of adversary motivations, such as cybercrime, hacktivism, cyber espionage
Senior Info Security Analyst Job Description
- Collects, analyses, and enriches event information and performs threat or target analysis duties
- Provides first level response for security events including but not limited to intrusion detection, malware infections, denial of service attacks, privileged account misuse and network breaches
- Event management, which includes triage, correlation and enrichment of individual events to either rule out as false positive, trigger standard detective and corrective responses, or escalate as a security incident
- Creates and maintains system documentation for security event processing
- Conduct in-depth system technical security reviews and risk assessments during all phases of the system development life cycle and provide recommendations for improvements
- Perform periodic and on-demand system audits and vulnerability assessments, including application, file system and external Web integrity scans, to determine compliance
- Participate in the development of technical security standards to support policies including monitoring standards and incident investigation procedures
- Participate in the development of maintenance schedules and policies to maintain the optimal operation of the security systems
- Monitor the selection, installation, testing, and operation of information security software programs to ensure such programs meet defined system security needs
- Operate and maintain COTS and GOTS cybersecurity tools (i.e., Nessus, HBSS, ACAS, IPS, and IDS)
- Excellent interpersonal, written, and oral communication skills; issue resolution and negotiation skills
- Assist in developing and approving policies and standards for data loss prevention
- Comfortable interacting consistently with affected customers and business areas to work to resolve issues regarding business processes that do not align with DLP best practices
- Monitor and respond to DLP events
- Interact with customers and supporting teams to manage events until closure
- Assist in troubleshooting issues that may arise from an incomplete scan, scan related performance issues, agent related performance issues, alert generation, email and network traffic related performance issues
Senior Info Security Analyst Job Description
- Mentor, coach, and provide guidance to junior team members
- Develop the engineering documentation, runbooks, and triage documents necessary for operating the enterprise log platform
- Ensures log and analytics solutions are engineered according to architecture & design standards
- Evaluate new technologies in Cybersecurity Technology by conducting proofs of concept and presenting the results of the evaluation and recommendations to management
- Recommends course of action to mitigate risk and ensures that appropriate standards are established and met
- Works closely with other members of the Information Security organization in a collaborative and goal-oriented manner
- Support the onboarding of logs
- Manage the rules and related content in the logging system
- Understands RMF assessment and DoD Risk Management Framework (RMF) accreditation packages
- This position requires interaction with customers within the Army community
- Bachelor’s degree in Information Security, Communications, Risk Management, or similar field
- Extensive working knowledge of and experience in the Microsoft suite of tools
- 4+ years in Information Security, Information Technology audit, Risk Management or other related field
- 2+ years of experience with vulnerability scanning and assessment tools
- Experience with security and network scanning software and vulnerability lifecycle management (Qualys, Nexpose, Nessus)
- Investigates and recommends appropriate corrective actions for information security incidents and is knowledgeable in forensic investigations, data recovery and the handling of digital evidence
Senior Info Security Analyst Job Description
- Installing and testing product patches in lower environments and then helping to promote to higher environments
- Assist with documentation of the environments' end-to-end build and testing
- Assist with development of SCM (service continuity management) plans, capacity planning and Support Documentation
- Troubleshooting and performance tuning of environment including RHEL (Red Hat Enterprise Linux) server, Spark jobs, Apache Solr indexes and Apache Tomcat
- Appointed in writing by the Enterprise Information System Security Manager (ISSM) as the Information System Security Officer (ISSO) for the CE control system enclave
- Responsible for creating and maintaining a complete and accurate FRCS inventory
- Assist CES personnel with security control implementation and assessment
- Register systems in eMASS with all necessary artifacts to attain Authority to Operate (ATO)
- Security Trends - Continually works to enhance breadth and depth of knowledge and experience
- Project Oversight - Assesses project risk and complexity
- Tests and implements appropriate security methods and control techniques such as firewalls, intrusion detection software, data encryption, data backup and recovery
- Significant experience with network protocols, security orchestration, security/perimeter devices
- Experience with Splunk data ingestion throughout the entire onboarding cycle, from data discovery to ingestion, CIMification, and onboarding validation
- Active listening and collaborative skills with various audiences, including direct team members, security team and Splunk engineers, and executive stakeholders, in order to craft Splunk and search development solutions
- Advanced knowledge of specific scripting tools including Regex, Python, JavaScript, and similar
- Demonstrable competency with InfoSec fundamentals including Lockheed Kill Chain and MITRE ATT&CK-based analytics