Lead Security Analyst
The Lead Security Analyst will report directly to the Chief Risk Officer. The individual will be responsible for monitoring compliance of our information security program across the entire infrastructure. Security program elements include: firewall, data transmission, advanced mal ware prevention, data loss prevention, intrusion detection/prevention systems, cloud services, VPN, etc. The candidate will work with leadership to develop strategies and plans to enhance security, identify, and close risks/gaps, and to enforce the company's information security policies.
This role requires a strong technical background and familiarity of traditional and emerging security technologies and practices. The activities of this role will be split between day-to-day operations activities and providing guidance to agency stakeholders or new and existing infrastructure related projects. The candidate must be able to work independently with minimal supervision, interact effectively with IT, Security, and Business leaders.
• Align with and support the execution of the Information Security Program vision and strategy.
• Provide assistance in the implementation, maintenance, and monitoring of the information security program into in-scope operational areas (gap analysis, risk assessment, third party assessments, procedure/specification development, execution of recurring procedures, incident response).
• Identify, analyze and communicate security vulnerabilities.
• Serve as an information security subject matter expert and trusted advisor.
• Understand current as well as emerging security threats and assist in the design of application architecture to mitigate threats where possible.• Stay abreast of new security technologies and assist in the integration of new technology into architecture design when appropriate.
• As a contributor, take ownership for assigned areas of responsibility and effectively manage workloads to meet team deadlines.
• Clearly and concisely communicate in both written form and verbally to leadership and Management.
• Review security features of newly implemented systems, ensuring they meet existing security requirements and policies, Review proposed changes to existing policy as conditions warrant.
• On a day to day basis, the candidate will review reports to identify threats. Reports may be generated from tools such as: such as Net Profiler, Imperva, Fire Eye and FirePower.
• Subject Matter Expert (SME) in the Cybersecurity field.
• Strong background experience in Information Technology with Windows, Linux, and Unix platforms.
• Strong background experience as a Level 2 (or above) Cyber Security Incident Response Analyst performing incident handling, forensics, sensor alert tracking and cybersecurity incident case management.
• Expert level experience working with security technologies such as IDS/IPS, Firewalls, SIEM, Network Packet Analyzers, Antivirus, Network Behavior Analysis tools, Malware analysis, Firewalls, DLP, endpoint protection, log collection and analysis.
• Experience using and configuring tools such as Net Profiler, Imperva, Fire Eye and FirePower.
• Strong working knowledge of network protocols, ports and common services such as TCP/P protocols and application layer protocols (e.g., HTTP/S, DNS, FTP, SMTP, etc.).
• Hands on experience with scripting languages such as Python, Perl, Bash, and Powershell.
• Knowledge of privilege escalation, persistence and lateral movement techniques
• Identify and be able to react to network attacks, viruses, mal ware, SPAM, phishing and other intrusions.
• Ability to conduct system security vulnerability and threat analyses, gathering of intelligence, risk assessments, mitigation planning and implementation.
• Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output.
• Utilize understanding of attack signatures, tactics, techniques and procedures associated with advanced persistent threats.
• Demonstrated understanding of cyber security risk management concepts, cybersecurity frameworks, control standards, secure coding principles, and security technologies.
• Effective interpersonal skills and the ability to thrive in a team environment.
• Ability to develop creative and innovative solution to complex business issues.
• Ability to balance various projects simultaneously.