IT Security Analyst
532 Riverside Ave. Jacksonville, Florida 32202
The Security Analyst plays a key role in ensuring our logging and monitoring tool (SPLUNK) and associated environment are technically engineered. The role is heavily technical, involving tuning our logging and monitoring system events, configuration issues, storage, administrative security oversight and associated investigative actions to identify aberrant system and/or user behavior and to protect against insider threat. It is a role that is paramount to the integrity and safety of our customers' personal/sensitive data and our success as an organization.
Plan, coordinate and implement technical support for security infrastructure reporting as well as Security Incident Event Management (SIEM) systems, logging and monitoring.
Serve as a resource and administrator for Malware protection and alerting, including the use of Blacklisting/Whitelisting tools or computer incident security response team
Assist in monitoring and tuning Intrusion Detection Systems and investigating possible incidents
Review consolidated system logs and other audit trails on a regular basis for indications of attacks
Review output and alerts from security monitoring systems (e.g.: IDS/IPS, MSSP/Managed SOC, honeypots, DLP, antivirus, network-based anti-malware systems, etc.) identification through remediation
Tune and maintain security monitoring/alerting systems
Help develop Standard Operating Procedures for triage of security alerts and response to security incidents
Update firewall rules to block and/or mitigate risks
Perform incident response and function as an Incident Response Team leader
Work on security-related projects, including assessment, design, and deployment of configuration management systems, and perform regular security assessments of existing infrastructure
Use network vulnerability scanning software and manual testing to find OS and (non-web) application vulnerabilities
Assist with remediation of vulnerabilities (e.g.: by applying patches or updating configurations)
Provide security-related metrics for executive-level dashboards
Qualifications, Experience & Skills
4+ years of Information Security engineering and infrastructure support experience
Excellent technical computing and network security skills
Strong technical skill set, work ethic, demonstrated self-starter, ability to work in a fast paced, team-oriented environment
Strong organizational skills
Strong technical aptitude, a desire to learn, and a very strong interest in security
Excellent understanding of common web-based vulnerabilities
Strong knowledge of IDS/IPS, packet/traffic analysis and related tools
Systems administration background preferred
Certifications, such as CISSP preferred
Technologies
SIEM, such as Splunk
Perimeter Defenses -- IDS/IPS
Malware/Anti-Virus, such as BIT9/Carbon Black, Symantec Defense, etc.
Network vulnerability scanners and technologies
Firewall administrative skills as well as defense in depth technology
Data Loss Prevention tools