We are in search of a mid-level to senior level, IT Security Analyst, with broad experience in the field. This is a prominent cyber security role in a growing IT Department in Downtown Denver.
If you are comfortable training and mentoring the IT Team on Security issues, while also contributing to the organizational security on a daily basis, then this is a great opportunity for you.
Application Deadline is Oct. 13, 2016.
- Participates in the development and oversight of Information Technology (IT) and Operational Technology (OT) security programs and risk management strategies.
- Documents and updates elements of the Information and Operational Technology governance portfolio (Polices, processes, procedures, and standards) to ensure ongoing security compliance.
- Responsible for guidance, identification, evaluation, design, development, implementation and integration of security controls and processes that will provide protection of information and operational technology systems while meeting regulatory and compliance requirements.
- Assists in IT and OT security audits, risk assessments, controls analysis and review processes including planning, reporting, and making/writing recommendations.
- Participates in threat and risk assessments of enterprise systems. Analyzes assessment data and makes recommendations to mitigate risks and makes recommendations to enhance network, system and data security.
- Works closely with business staff and service providers to assure new applications, systems and functionalities are secure and meet Antero security requirements.
- Conducts accurate, precise real-time analysis and correlation of logs/alerts from a multitude of systems or devices with a focus on the determination if events constitute security incidents.
- Participates in the development, implementation and maintenance of security incident response plans. Coordinates and provides incident response support and identifies and prioritizes potential threats.
- Participates in testing and implementing disaster recovery plans.
- Responsible for the collection, analysis and reporting of IT security metrics to measure the effectiveness of IT security management processes.
- Provides specific assistance and subject matter expertise in security projects and initiatives.
- Researches and track information about the latest security threats and potential vulnerabilities.
- Provides input into security strategy discussions by remaining knowledgeable on new information security technology, regulations and standards.
- Participates in the development, implementation and maintenance of the IT Security Awareness program.
- Conducts Security Architecture and Compliance Reviews for new and changing systems.
- Provides backup support for security team.
- Escalates security issues to Manager.
- Demonstrated work experience in the use of security principles; risk assessment policies and standards; information security best practices, products and technologies; and network technologies.
- Demonstrated work experience in the preparation of written reports, training materials, and conducting meetings and training sessions
- Demonstrated work experience in areas such as malware, advanced persistent threats, intrusion prevention/detection systems, encryption systems, firewalls, wireless, access and authentication technologies, and next gen tools/technologies.
- Strong working knowledge of Windows Server 2008 R2 server security, VMware, Windows 7/10 security, Active Directory and Group Policy.
- Strong working knowledge of the TCP/IP protocol suite and related security concerns.
- Working knowledge of virtualization standards and security.
- Working knowledge of enterprise wireless network standards and security.
- Working knowledge of next-gen tools such as anti-malware and firewalls.
- Working knowledge of well-known security tools such as NMAP, Nessus, TCPDump, Wireshark, Netcat, Metasploit and others.
- Requires the understanding of risks associated with new technology and the ability to define appropriate security controls.
- Must possess strong planning, problem solving and analytical skills.
- Must have strong interpersonal skills to influence, motivate, persuade, mentor and train various groups or individuals.
Education or Formal Training:
- Bachelor’s degree from accredited college or university in Management of Information Systems (MIS), Computer Science or other technology related fields or equivalent working experience.
- One or more information security certifications, (i.e., (ISC)2 CISSP, ISACA CISA, SANS GIAC, Computer Forensic External Certification-CFEC, CERT-Certified Computer Security Incident Handler, etc.) preferred.
- Windows 7/10 security.
- Windows server management and support.
- 4+ years of demonstrated experience in information security programs.
- Oil and gas industry experience preferred.