Cyber Security Analyst

JOB PURPOSE                   

Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information.  Provides a full range of analytic duties using knowledge of multidisciplinary security concepts, principles and practices applicable to security administration.  Develops, recommends and enhances compliance preventive and detective controls.

JOB SUMMARY 

Implements, monitors and maintains compliance preventive and detective controls.  Supports the development, documentation, deployment, review and maintenance of Information Security Policies, Standards, Guidelines and Procedures. Communicates Information Security requirements, principles and concepts through innovative awareness and education methods.  Monitors, evaluates and executes security controls and procedures to ensure compliance with security related regulatory and corporate requirements

Senior Security Controls Analyst: Guides and improves the development, documentation, deployment, review and maintenance of Information Security Policies, Standards, Guidelines and Procedures; providing security consulting services. Communicates and educates Information Security requirements, principles and concepts through innovative awareness and teaching methods.

POSITION DESCRIPTION

Job Title:  Security Controls Analyst

Essential Job Duties and Tasks

Level 2:

  • Monitors, evaluates and executes security controls and procedures to ensure compliance with security related regulatory and corporate requirements
  • Tracks, interprets, documents, deploys, reviews and maintains Information Security Policies, Standards, Procedures and Guidelines
  • Provides technical support and advice to other groups on security requirements
  • Works with stakeholders to identify appropriate security requirements, engineer practical security solutions and implement measurable security guidelines
  • Promotes and delivers security-related material promoting security awareness.
  • Uses software tools to gather system configuration information and vulnerabilities
  • Identifies risk areas, and ensure that adequate controls are in place and operating effectively by using thorough testing methods
  • Assists with Risk Assessments on corporate assets using a formal methodology and recommend safeguards to mitigate risk
  • Maintains current knowledge of security trends, vulnerabilities, threats, and mitigation methods Maintains the confidentiality of review results and the status of the current security environment
  • Produces and presents compelling security-related training content
  • Creates and consistently delivers awareness material promoting security awareness

Senior Level:

All of the above tasks, and

  • Develops and executes security controls to ensure compliance with security related regulatory and corporate requirements
  • Develops, documents, deploys, reviews and maintains Information Security Policies, Standards, Procedures and Guidelines
  • Provides technical and architecture consulting to other groups on security requirements
  • Works with stakeholders to identify appropriate security requirements, engineer practical security solutions and implement measurable security guidelines
  • Designs, produces, and delivers compelling security-related training content
  • Creates and consistently delivers awareness material promoting security awareness
  • Builds and improves software tools to gather system configuration information and foresee vulnerabilities.
  • Anticipates risk areas, and ensures that adequate controls are in place and operating effectively by using thorough testing methods
  • Conducts with Risk Assessments on corporate assets using a formal methodology and recommend safeguards to mitigate risk
  • Expands and shares expertise about security trends, vulnerabilities, threats, and mitigation methods.
  • Maintains the confidentiality of review results and the status of the current security environment

QUALIFICATIONS

Education:

  • Bachelor’s degree in Computer Science, Business Administration or a combination of education and experience that provides the applicant with knowledge equivalent to a major in of such fields.

Licenses or Certification:

  • CISA, CIA, or CISSP certification preferred.  Microsoft or UNIX certifications a plus.

Work Experience Required

Level 2: 

  • Minimum of two years (in excess of degree requirements stated above) of progressively responsible experience in IT analysis or IT security administration.

Senior:

  • Minimum of five years (in excess of degree requirements stated above) of progressively responsible experience in IT analysis or IT security administration

Position level will be determined by candidate’s level of experience.

Source:https://ercot.wd1.myworkdayjobs.com/en-US/ercot_careers/job/Taylor/Cyber-Security-Analyst_R0128?mode=job&iis=Indeed&iisn=Indeed.com