Job Description

Job Title: Security Analyst Senior

Duration: 12 Months

Location: Jacksonville, FL 32202

Hybrid Position candidate must be able to work on a W2 and is local to Jacksonville.

Pay Rate: $50.49/hr.

Job Description

Professional work that implements, maintains and troubleshoots enterprise security systems in a complex, integrated information technology systems environment. Consults with internal business customers to determine security requirements. Provides technical advice and counsel to less experienced analysts.

Required to assist in maintaining 24 X 7 systems availability.

IMMEDIATE MANAGER: Manager, Information Security or Manager, Identity & Access Management

SUPERVISION/DIRECTION RECEIVED: Limited supervision

REQUIRED COMPETENCIES:

Advanced In-depth understanding of the required competencies with advanced skills and abilities, sufficient to successfully apply them under limited supervision in multiple situations.

Knowledge of:

• Applicable programming languages and coding techniques.
• Systems hardware, software and data communications functionality and capability.
• Systems Development Life Cycle (SDLC) deliverables and tools.
• Process management, performance tracking and measurement tools.
• Data driven problem-solving techniques and technical report writing
• Various cross-platform software systems.
• Configuration management concepts and tools.
• System and business architecture design concepts.
• Information Technology Library Infrastructure (ITIL) framework and best practices.
• Applicable industry standards for security systems.

Skill in:

• Implementing, maintaining, and troubleshooting software systems.
• Designing, creating, and interpreting flowcharts.
• Testing software or hardware security installations, enhancements and upgrades.
• Troubleshooting and resolving software related issues.

Ability to:

• Oversee the work of others, and provide coaching, mentoring and training.
• Set priorities and establish a systematic course of action to ensure accomplishment of objectives on time and within budget.
• Deal with ambiguity and make decisions with limited information.
• Exercise creativity and imagination in approaching assignments.
• Quickly grasp new ideas and concepts.
• Work well within a team and assist others with their assignments.
• Acquire and maintain knowledge of the business and Technology Services products.
• Research and acquire knowledge of developing information technology trends and emerging technologies.
• Identify what issues need to be communicated and inform others.
• Establish and maintain effective working relationships with internal customers.
• Use communication skills, orally and in writing, with users with varied backgrounds and experience.
• Follow through with commitments.

EXAMPLES OF PROFESSIONAL WORK:

• May monitor the work of others and provide some coaching and mentoring.
• Implements, maintains and troubleshoots software systems.
• Performs security audits, risk assessment and analysis.
• Tests software systems.
• Makes recommendations for enhancing and formulating policies and procedures.
• Consults with internal customers to identify and analyze needs and recommends solutions that meet business goals.
• Resolves problems and provides technical assistance and training to users in software enhancements and upgrades.
• Performs or ensures system administration tasks, including adding users, user groups and accounts are successfully accomplished.
• Analyzes, diagnoses, troubleshoots and resolves software and production issues.
• Writes or modifies basic scripts and performs light programming to resolve performance problems and automate systems administration tasks.
• Resolves escalated problems and identifies and recommends responses to new or unusual situations.
• Ensures system documentation and logs are maintained and procedures are documented.
• Reviews research data; and performs or ensures testing and evaluation of vendor hardware, software and other system components is performed as required.
• Manages vendor relationships.
• Ensures that plans and procedures for operating under both normal and emergency conditions are accurate, appropriate and up-to-date.
• Promulgates and enforces established technical and procedural standards.
• Assists in disaster recovery testing.
• Resolves escalated problems, responds to new and unusual situations and recommends solutions to systemic problems.
• Participates in ongoing training to continuously upgrade technical knowledge and skills.
• Performs other job-related tasks as assigned.

Additional Comments Regarding this Position:

SUPPLEMENTAL SHEET SECURITY ANALYST SENIOR INFORMATION SECURITY (IS) The following are in addition to the general specification description for this classification.

KNOWLEDGE, SKILLS, AND ABILITIES:

Knowledge of:

• Systems, data and network security administration, including firewalls, encryption technologies and network protocols.
• Information Security Frameworks such as NIST Cyber Security Framework, Critical Security Controls, COBIT.
• Infrastructure, sufficient to work across organizational lines with other teams to resolve problems and issues.
• Local, state and federal emergency planning processes.

Skill in:

• Designing, implementing, and administering information security systems including logical access.
• Developing, installing, and supporting information security solutions.
• Identifying and mitigating potential information security vulnerabilities.
• Troubleshooting and resolving multiple information security issues.
• Performing log analysis such as operating systems, networks, or applications
• Scripting languages such as VBScript, Python, or PowerShell and Regex expressions.
• Leading all phases of Incident Response process.
• Operating systems, network/system architecture, protocols, and services.
• Identifying and mitigating threats, vulnerabilities, and exploits.
• Applicable programming languages and coding techniques.
• Systems Development Life Cycle (SDLC) deliverables and tools.
• Completing and adhering to enterprise change management processes.
• Detailed log analysis utilizing a SIEM (Security Information and Event Management) and Raw logs.
• Leading Security Operations Center operations and strategies functioning at all Tiers.
• Security system analysis, design, programming and installation.
• Network management protocols, architecture and authentication practices.
• Infrastructure, sufficient to work across organizational lines with other teams to resolve problems and issues.
• Profiling threat actors, to identify tactics, techniques, and procedures (TTP) of advance persistence threat operations.
• Leading and coordinating threat hunting and analysis activities.
• Driving and coordinating system optimization, tuning, and remediation initiatives.
• Analyzing security controls and processes for continual improvement.
• Performing computer forensics protocols and evidence gathering including acquisition, analysis, and reporting.
• Executing activities in the areas of security risk identification, analysis, classification, and mitigation strategies.
• Leading creation of information security regulatory requirements, security policies, and security best practices. Advises departments across the organization on appropriate controls consistent with security policies, standards, and best practices.
• Cloud based services, offerings, and architecture such as SaaS (O365), PaaS, and IaaS in the cloud providers AWS and AZURE.
• Advanced skills in using required software including Microsoft Office (Excel, Word, PowerPoint, Outlook) and Visio.

Ability to:

• Creatively solve problems.
• Research and acquire knowledge of developing information security trends, emerging technologies, and best practices.
• Deal with ambiguity and make decisions with limited information.

EXAMPLES OF PROFESSIONAL WORK:

• Implement, administer, monitor, maintain, and update user accounts, firewalls, virus prevention systems, and other security systems.
• Including cloud-based services, offerings, and architecture such as SaaS (O365), PaaS, and IaaS in the cloud providers AWS and AZURE
• Monitor the performance and health of systems, including assisting in responding to incidents and troubleshooting.
• Perform intrusion detection analysis and researches attempted breaches of data security and rectifying security weaknesses.
• Detect and investigate system vulnerabilities and abnormalities, mitigate, and prevent.
• Trend security events for baselines.
• Establish standards and perform audit of security controls.
• Update communication platforms such as SharePoint for Security Awareness.
• Establish and maintain inventory of systems, attributes and associated controls.
• Investigate incidents including technical write up of events and trending.
• Perform system design, installation and administration, including creation or editing of operational guides.
• Test and evaluate new technology.
• Perform vulnerability/pen testing including mitigation plans.
• Analyze security requirements and provide objective advice ensuring adherence and implementation.
• Design, analyze and implement effective information security systems and controls.
• Configure, optimize, fine-tune, monitor, and maintain server operating system and system applications.
• Write and/or edit Requests for Proposals (RFPs), Requests for Information (RFIs), Intent to Negotiate (ITN) related to technology projects.
• Respond to evidence requests in support of regulatory compliance.

OPEN REQUIREMENTS:

Bachelor of Science (BS) degree in Computer Science, Information Security, or related discipline and four (4) years of professional experience in a system administration role in a large corporate environment.

-OR-

Eight (8) year combination of education, training and experience in installing, supporting, and maintaining servers and other computer systems in a large corporate environment.

Windows: Five (5) years of experience must be in a Windows environment.

LICENSE/CERTIFICATION/REGISTRATION:

Two (2) or more, or their equivalent:

• DoD 8570 Certifications
• GIAC Continuous Monitoring Certification (GMON)
• GIAC Global Information Assurance - Public Cloud Security (GPCS)
• Microsoft Certified Systems Engineer (MCSE)
• Amazon Web Services Cloud Practitioner
• Amazon Web Services Solutions Architect Associate/Professional
• Amazon Web Services Certified Security Specialty
• Azure Fundamentals
• Azure Security Operations
• Azure Security Technologies
• Azure Security Engineer
• Azure Solutions Architect
• Aviatrix Certified Engineer (ACE)

Job Tags

Similar Jobs