Responsible for the daily monitoring and analysis of information collected from the company’s information security systems and tools in order to preserve the confidentiality, integrity and availability of information resources and assets. Seek out weaknesses of the company's infrastructure by analyzing data and recommending solutions to remove, reduce or mitigate risk.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.
- Work under the guidance of Security Analysts II and III
- Install, operate, and maintain a variety of security solutions or systems to include IDS/IPS, SIEM and DLP
- Review and respond to security event logs and alerts from installed security solutions and tools such as firewalls, IDS/IPS, SIEM and DLP
- Conduct examinations of computers, system logs, applications and network security events
- Analyze, document and escalate security incidents per policy
- Work with other Security Analysts in determining the proper systems and tools to protect company resources
- Assist with vulnerability assessments and associated remediation
- Maintain knowledge of current security threats, vulnerabilities and mitigation techniques
- Assist with risk analyses and security assessments to identify potential threats and conduct mitigation activities
- Gain and maintain knowledge of HIPAA, PCI, SOX, ISO 27001 and NIST Cybersecurity Frameworks
- Participate in Disaster Recovery and Business Continuity planning and testing
- Participate in the ongoing development and maintenance of security awareness training
- Provide reporting for trending and key performance indicators related to the information security program