Senior Information Security Analyst Job Description
Senior Information Security Analyst Duties & Responsibilities
To write an effective senior information security analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included senior information security analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Senior Information Security Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Senior Information Security Analyst
List any licenses or certifications required by the position: SANS, CISSP, CISA, SSL, CISM, PMP, ISACA, CRISC, GCIH, IIQ
Education for Senior Information Security Analyst
Typically a job would require a certain level of education.
Employers hiring for the senior information security analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Information Security, Business/Management, Education, Leadership, Computer, Accounting, Computer and Information Systems, English, Auditing
Skills for Senior Information Security Analyst
Desired skills for senior information security analyst include:
Desired experience for senior information security analyst includes:
Senior Information Security Analyst Examples
Senior Information Security Analyst Job Description
- Present new and existing information security information to workforce and management
- Works with other functions (Legal, Compliance, ) to coordinate control requirements and control reporting
- Compiles management reports, summary analysis, and detailed presentations to describe risk, controls, and maturity assessments
- Manage and maintain a SIEM and Threat and Incident Response Program
- Contribute to and assist with developing business specific risk and compliance reporting
- Co-ordinate research initiatives on industry, technology and information security trends, approaches and tools
- Perform co-ordination and assist with demand management responsibilities of security consulting teams
- Other Information Security related tasks, as required
- Define and maintain Information Security aspects of GRC tool and process requirements, selection, and deployment
- Manage security incidents, investigations and reporting
- Knowledge of web application technologies and layer 7 protocols like HTTP, DHCP, DNS, FTP
- Familiarity with security tools & frameworks like Metasploit, Kali, Canvas is a plus
- Self-starter with strong written and oral communication skills
- Willingness to embrace repetitive tasks with enthusiasm and attention to detail
- Familiar with MS office products/VISIO
- Support ITS deliver teams with technology-specific security advisory for security events and as part of post security incident remediation activity
Senior Information Security Analyst Job Description
- Ensure security review and update frequencies are met
- Collaborate with the CGI Federal project team to manage security assessments
- Work directly with the security assessment vendor to plan and schedule assessment activities
- Perform vulnerability scans and analysis under is responsibility and ensure a timely remediation with the appropriate teams
- Function as the primary Information Security Risk representative on the Vendor Risk & Oversight team, performing both vendor and internal risk assessments and working with business units to improve current controls and continue to mature the assessment process and deliverables
- Lead efforts to improve upon and formalize the existing Information Security Risk Assessment and Exception process, delivering a standard, well-documented and referenceable process
- Assess emerging technologies for security controls and applicability into our existing portfolio
- Work with internal application, infrastructure, and architecture teams to assess the information security risk of existing technology, infrastructure and processes proposed projects
- Assist with information security risk aspects of internal audits
- Will be responsible monitoring, prioritizing, analyzing, and provide action plans to appropriate IT support team for Cyber Security alerts coming in from the Hitachi Vantara Cyber Security Operations Center during assigned shift hours
- Advanced knowledge of technology controls / security domain, disciplines and practices
- Understanding of Corporate Information Security Programs and the ability to apply them to our business unit
- Should have at least a technical bachelor's degree in related field and 3-5 years of experience in an NOC/SOC environment
- Significant knowledge of particular CND tools, tactics, techniques and procedures which support their analysis of event information
- Experience in performing event correlation using information gathered from a variety of sources within the network environment to gain situational awareness and determine the effectiveness of an observed attack
- Demonstrated understanding of platform security fundamentals (Hardware, Windows, and Linux)
Senior Information Security Analyst Job Description
- Moderate experience with skilled collaboration with business partners and executive leadership to ensure alignment of expectations for installation and maintenance of network components
- Moderate exposure to providing strategic reports for executive leadership, business stakeholders, and IT team
- Identify, analyze and remediate threats in our environment
- Identify gaps in existing security architecture and recommend improvements
- Implement tools and processes to improve our ability to detect and respond to threats
- Define and craft security policies, incident response plans and security playbooks
- Be part of an on-call rotation to analyze and resolve critical security issues and incidents
- Participate in learning reviews following security incidents and deliver technical reports
- Ability to detect and analyze information security threats, and be able to design robust security patterns for implementation
- Be able to design, deploy, enhance, automate and operationalize information security capabilities for the enterprise network
- CISM is highly desired
- Understanding of web application threats and penetration testing concepts
- Ability to conduct research, analysis and correlation across a wide variety of all source data sets
- Experience in Information security monitoring / system analysts is must
- Strong knowledge of security tools
- Strong Network fundamentals, active/passive components
Senior Information Security Analyst Job Description
- Ensuring and monitoring compliance with the Company’s IT security policies, HIPAA Security Rule, and applicable laws and regulations, and
- Perform initial, changes to, and periodic asset security risk assessments
- Assess and report risk on customer facing applications supporting compliance with FFIEC Guidance for Authentication in an Internet Banking Environment
- Conduct internal and external site visits and external security program reviews as required
- Accurately report results of assessments and track status, follow-up, and process responses to remediation and security requirements
- Work with asset managers / owners to assure remediation plans are adequate and efficient
- Provide oversight and coordination of remediation efforts to address identified weaknesses
- Identify areas of non-compliance and make recommendations for achieving compliance
- Utilize Enterprise Governance, Risk and Compliance tools and frameworks to complete work
- Work with members of the Legal team to assist with Information Security contract language
- Ability to work both at times collaboratively and other times independently always focusing on outcomes and results
- MS in Computer Science or engineering strongly preferred
- 3+ years of experience with large / mid-size Enterprise Information Security
- 3+ years of experience with Enterprise-level Technology
- Knowledge and experience with of Mac OSX and *nix operating systems
- Understanding of server virtualization platforms
Senior Information Security Analyst Job Description
- Monitors onsite SIEM for vulnerabilities or anomalies in network and works with Network team to resolve issues
- Work with other teams to identify, resolve, and mitigate vulnerabilities in their systems
- Enhancing the Company’s information security program, and managing information security operations and maintenance activities, to maximize the security of our business information including electronic Protected Health Information (ePHI)
- Designs and implements emergency/incident response processes, log monitoring processes and analysis, and vulnerability scanning, remediation risk analysis, and oversight activities, working collaboratively with an interdisciplinary team of Corporate Privacy, Legal and Compliance
- Investigates and reports on security incidents
- Provide active continuous Security Threat Analysis for Antivirus, Malware and Ransomware attacks across multiple platforms
- Research security threats to the company’s environment
- Update rules and use cases to ensure proactive protection of our business partners IT environments
- Provide Incident Response for Security Related incidents
- Hands on configuration of security applications and appliances providing services such as IDS, Vulnerability Management and anomaly detection tools
- Identify, solution, and implement process improvements
- Consult with technical and business teams to suggest enhancements to the security and/or provisioning processes to ensure certifications are effective and efficient as possible
- 5-8 years' experience in a Security Operations Center preferred
- 5-8 years' experience with Information Security Governance and Risk Management for identification
- Of an organization's information assets and the development, documentation and implementation of policies, standards, procedures and guidelines
- 5-8 years' experience with Security governance and policy, Information classification/ownership, contractual agreements and procurement processes, risk management concepts, personnel security, security education