Looking for an experienced professional to assume the critical role of IT Cybersecurity Analyst within our organization. The ideal candidate will have extensive hands-on experience in cybersecurity tools such as CrowdStrike, Cylance, Tenable, Rapid7, and/or Mimecast. This role will have the responsibility of monitoring the IT operations environment continuously to identify any vulnerabilities, respond to security incidents, and make recommendations for remediation.
Responsibilities
- Implement, monitor and manage cybersecurity tools including CrowdStrike, Cylance, Tenable, Rapid7, Varonis, and/or Mimecast, to identify and respond to security threats.
- Set up and maintain cybersecurity monitoring operations in partnership with an external Managed Security Services Provider (MSSP), and perform triage to determine scope, urgency, and potential impact of security incidents and/or vulnerabilities.
- Investigate and analyze security incidents, escalating and coordinating response efforts as necessary, and as defined in the Incident Response Plan (IRP).
- Maintain the Incident Response Plan (IRP) and keep it up to date.
- Perform root cause analysis on each security incident and make recommendations to mitigate similar incidents in the future.
- Identify and analyze vulnerabilities and make specific and prioritized recommendations for remediation and mitigation solutions.
- Conduct regular network penetration testing to assess vulnerabilities and recommend security enhancements.
- Proactively search for threats using Computer Network Defense (CND) tools including intrusion detection system alerts, firewall and network traffic logs, and host system logs.
- Implement and manage an enterprise SIEM tool.
- Generate detailed reports on security assessments, incidents, and ongoing security activities, and develop, track, and report on relevant cybersecurity metrics on a regular basis.
- Collaborate with infrastructure, network, applications, integrations, and BI teams to secure system, network, and application architectures.
- Review the cybersecurity program with Governance, Risk and Compliance teams and provide them with requested cybersecurity reports and metrics.
- Make improvements and suggestions to advance the overall security processes in place.
- Develop, implement, and maintain security policies, procedures, and best practices.
- Maintain the internal information security awareness site and ensure that up-to-date and relevant training material and information are available.
- Promote a strong cybersecurity culture within and outside of IT.
- Stay current with the latest cybersecurity trends, threats, and best practices.
Qualifications
- Bachelor's or Master's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Comprehensive understanding of cybersecurity principles, practices, and technologies.
- Proven experience in a cybersecurity role with tools such as CrowdStrike, Cylance, Tenable, Rapid7, Varonis, and/or Mimecast.
- Hands-on experience with network penetration testing, vulnerability assessments, and remediation strategies.
- Strong knowledge of network protocols, system vulnerabilities, and attack vectors.
- Experience deploying and working with cybersecurity tools in Microsoft Azure and Microsoft 365.
- Experience working with an enterprise SIEM tool.
- Experience analyzing log files and correlating security-related events.
- Demonstrated strategic thinking, problem-solving, and decision-making abilities.
- Excellent communication and interpersonal skills, with the ability to distill complex technical concepts into clear, concise communications.
- Ability to independently prioritize competing initiatives and manage multiple tasks simultaneously in a fast-paced environment.
- Exceptional time management skills.
- Experience working with third-party Managed Security Services Providers (MSSPs) is highly desirable.
- Experience with the NIST Framework is highly desirable.
- Relevant certifications such as CEH, CISSP, OSCP, CISM, CompTIA Security+ or equivalent are highly desirable.