Information Security Analyst

Job Summary

Monitors, analyzes, and maintains systems and procedures to safeguard internal information systems, network, databases, and web-based security. Partners with technology and business partners to support and enhance security software solutions.

 

Major Tasks, Responsibilities, and Key Accountabilities

Conducts vulnerability assessments and monitors systems, network, databases, and web for potential system breaches and intrusions.
Supports, designs, and assesses user provisioning, segregation of duty, emergency access, and role management.
Develops and documents security standards for role design and administration, including translating functional requirements into technical designs for security roles and developing software management strategies.
Troubleshoots, analyzes, and debugs issues for access complications and role authorizations.
Develops and executes security controls, defenses, and countermeasures to intercept and prevent internal and external attacks or attempts to infiltrate company email, data, e-commerce, and web-based systems.
Ensures that information security plans, controls, processes, standards, policies, and procedures align with internal and industry standards and recommends changes when appropriate.
Collaborates with team members and cross-functional teams in the application design, development, integration, testing, and deployment of security solutions.
Identifies security risks and exposures, determines causes of security violations, and recommends procedures to halt future incidents and improve security.

Nature and Scope

Identifies key barriers/core problems and applies problem solving skills in order to deal creatively with complex situations. Troubleshoots and resolves complex problems. Makes decisions under conditions of uncertainty, sometimes with incomplete information, that produce effective end results.
Independently performs assignments with instruction limited to the expected results. Determines and develops an approach to solutions. Receives technical guidance only on unusual or complex problems or issues.
May oversee the completion of projects and assignments, including planning, assigning, monitoring and reviewing progress and accuracy of work, evaluating results, etc. Contributes to employees’ professional development but does not have hiring or firing authority.
Work Environment

Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.
Most of the time is spent sitting or standing in the same location and/or there may be a need to stoop regularly or move/lift light material or equipment (typically less than 8 pounds).
Typically requires overnight travel less than 10% of the time.
Education and Experience

Typically requires BS/BA in a related discipline. Generally 5-8 years of experience in a related field OR MS/MA and generally 3-5 years of experience in a related field. Certification is required in some areas.

Preferred Qualifications

Bachelor’s degree in computer science or a related field.
2+ years of experience in information security.
Security-centric certification, such as Security+ or Certified Ethical Hacker.
Experience with an email-security related environment.