CyberSecurity Operations Analyst

We’re an energized bunch, who love to be at the forefront of innovation. We make it our mission to develop and stay ahead of the latest trends and technology. Our goal? To put customers at the core of what we do and to deliver solutions that drive transformation and unlock the potential of people and businesses.

QUALIFICATIONS REQUIRED

KNOWLEDGE / SKILLS

· Good understanding of server-client computing environments.

· Hands-on server troubleshooting experience.

· Strong understanding of firewall concepts and security in depth, and the risk-based approach to security

· Knowledge of Information Security technologies and solutions

· Excellent written and verbal communication skills along with the ability to absorb and present large amounts of detail through various forms of communications to any level of Business Users, IT Management or technical roles.

· Demonstrated analytical, problem solving, planning, organizational, time management, interpersonal, critical thinking and risk assessment skills

· Application of defense in depth

· Knowledge of security tools and security best practices including ISO27000 series and the NIST Cybersecurity Framework.

· IT Systems Architecture/Infrastructure knowledge

· Collaborative but with a bias for action. Need to break the culture of silos

· Dedication to doing the right thing

· Intellectually curious for new and innovative solutions (e.g., to strengthen cybersecurity)

· Acts with courage, speaks with courage with appropriateness (Ensure the company does not exceed the risk appetite)

· Acts with integrity and transparency

· Focused on the customer

· Strong process orientation

· Persistent in execution, a “just do it” focus

· Situational adaptability

· Ability and willingness to incorporate learnings, including from mistakes, in to our people and processes

· Operational acumen

EXPERIENCE

· A minimum of 3 years of combined experience in information security, information technology and related services and management. Experience in the FinTech or Financial Services industry is a plus.

· Experience on small-to-medium, complex projects that have state and/or enterprise-wide impact and require subject matter expertise of process improvement areas and process improvement tools.

EDUCATION / CERTIFICATIONS

· Bachelor's degree from an accredited college or university, or equivalent experience. A degree in Computer Science, Computer/Data Systems Management or a related field or discipline is preferred.

· Certification in one or more of the following areas will be desired but not required: Certified Information Security Professional (CISSP), GIAC Security Essentials Certification (GSEC), Certified Ethical Hacker (CEH), CompTIA Security+, CompTIA Network+, and/or Microsoft Certified Solutions Expert (MCSE). If incumbent does not possess the CISSP certification, they must obtain the certification before their one-year anniversary with the Corporation.

OTHER

PHYSICAL DEMANDS
· Ability to express or exchange information by means of oral and written communication.

· Ability to stand, walk, reach, stoop, bend, and lift and carry up to 25 lbs. of weight (laptop, projector, suitcase, etc.).

· Manual dexterity to input data into the computer.

TRAVEL REQUIREMENTS

· Moderate travel required.

WORK ENVIRONMENT

· Work is performed in a general office environment.

ESSENTIAL DUTIES AND RESPONSIBILITIES

To perform this job successfully, an individual must be able to perform the essential duties and responsibilities satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

· Assist in the configuration, administration and maintenance of security appliances, systems and applications used within the Organization’s infrastructure;

· Engage in continuous tool improvement, process improvement and quality control and documentation activities to further enhance the Organization’s security posture;

· Producing operational and functional security metrics;

· Serve as first level incident response for events discovered through daily operations;

· Supports the evaluation and implementation for security products/services.

· Provides management and supports the development, testing and operation of firewalls, intrusion detection systems, enterprise malware systems and software deployment tools.

· Offers subject matter expertise and guidance to Desktop Support Technicians specific to the endpoint protection technologies as well as malware remediation.

· Routinely provides after-hours on-call support for critical systems and emergency response and support to computer and network incidents.

· Develops, implements and maintains change control and testing processes for modifications or changes to security systems and software.

· Reviews the change control and testing processes for modifications or changes to security systems and software.

· Contributes to information security processes for improvement, documents existing processes, identifies and analyzes gaps and designs new processes, develops process performance measures and plans the transition to a new process.

· Executes change management tasks in systems projects including communication to key user communities, providing subject matter expertise and providing training and documentation where appropriate.

· Works with vendors to address and resolve process issues as needed in a professional manner.

· Assist security engineers and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of organizational security policy and enterprise solutions.

· Stay current on security trends and industry best practices; provide input and recommendations based on research.

· Perform other related duties as assigned in accordance with qualifications.