This job was posted by https://okjobmatch.com : For more information,
please see: https://okjobmatch.com/jobs/3086610 It\'s fun to work in a
company where people truly BELIEVE in what they\'re doing!
We\'re committed to bringing passion and customer focus to the business.
SUMMARY
The Junior Information Technology (IT) Security Analyst will be
responsible for assisting with two core functions for the enterprise.
The first is the day-to-day operations of the in-place security
solutions while the second is the identification, investigation and
resolution of security breaches detected by those systems.Secondary
tasks may include involvement in the implementation of new security
solutions, participation in the creation and or maintenance of policies,
standards, baselines, guidelines and procedures as well as assisting
with conducting vulnerability audits and assessments. The Junior IT
Security Analyst is expected to be fully aware of the enterprise\'s
security goals as established by its stated policies, procedures, and
guidelines and to actively work towards upholding those goals.
ESSENTIAL REQUIREMENTS
One or more of the following certifications:
- CompTIA Security+
- GIAC Information Security Fundamentals
- Microsoft Certified Systems Administrator: Security
- Associate of (ISC)2
KEY DUTIES AND RESPONSIBILITIES
Essential Duties and responsibilities include the following. Other
duties may be assigned.
Strategy and Planning
Participates in the planning and design of enterprise security
architecture.
Participates in the creation of enterprise security documents (policies,
standards, baselines, guidelines, and procedures).
Participates in the planning and design of a risk management plan,
enterprise business continuity plan and disaster recovery plan.
Analyze and Develop
Maintains up-to-date detailed knowledge of the IT security industry
including awareness of new or revised security solutions, improved
security processes, and the development of new attacks and threat
vectors.
Assists in analyzing security events and incidents to identify potential
threats or breaches.
Assists in the review and impact processes for all incoming cyber
security information: bulletins, vendor notifications and communications
from government sources. Determine if CNI is affected and then lead the
resolution processes if necessary.
Works with security analysts to recommend additional security solutions
or enhancements to existing security solutions to improve overall
enterprise security.
Operational Management
Helps ensure that up-to-date baselines are maintained for the secure
configuration and operations of all in-place devices e.g. security
tools, workstations, servers, network devices, etc.
Assists with conducting vulnerability assessments and penetration
testing on computer systems, networks, and applications.
Assists with evaluation and remediation of user-reported malicious email
Collaborates with security analysts to develop and implement security
policies, procedures, and standards
Participates in incident response tasks, partnering with 3rd party SOC,
cyber security insurance vendors, and internal resources.
Collaborates with cross-functional teams to ensure compliance with
relevant regulatory requirements and industry standards.
Assists in conducting risk assessments to identify potential security
weaknesses and recommend appropriate controls.
Assists in the deployment and management of security tools, intrusion
detection systems, and antivirus software.
Participates in incident response activities, including investigating
security incidents, documenting findings, and recommending remediation
actions.
Stays up-to-date with the latest security trends, vulnerabilities, and
industry best practices.
Assists in conducting security awareness training sessions for employees
to promote a cultu e of cybersecurity awareness.
Monitors and maintains all operational configurations of all in-place
security solutions as per the established baselines.
Reviews logs and reports of all in-place devices. Interprets the
implications of that activity and devise plans for appropriate
resolution.
Participates in the design and execution of vulnerability assessments,
penetration tests, and security audits.
Provides on-call support for end users for all in-place security
solutions; this can be 24x7 support.
Assists in creation and maintenance of a patching schedule; work with
technical teams to develop patching priorities.
Assists the Information Security Compliance Manager with developing
relevant security data reports.
Assists the Information Security Compliance Manager with managing the
security training system and confirming completion of training by all
employees.
Assists in the creation and maintenance of plan, policy, and procedure
review schedule for the Enterprise.
Responsible for aiding in own self-development by being available and
receptive to all training made available by t