The Security Analyst is a self-motivated, highly organized, security-minded problem solver
focused on the protection of the BroadSoft carrier information system assets against compromise and cyber-attacks. The Security Analyst is responsible for the evaluation, testing, and monitoring of IT security solutions in the BroadSoft environment. The Security Analyst is responsible for monitoring the security of the BroadSoft carrier information systems, assisting in the administration of assigned security solutions, investigating potential security breaches, and providing the appropriate resolution for any identified security breaches. The Security Analyst is responsible for ensuring all security protections and information system activities maintain adherence to the security plans and policies set forth in the BroadSoft carrier information systems.
Duties and responsibilities
- Assist with the daily administration of security solutions
- Assist in risk assessment reviews
- Proactively monitor security events
- Identify and understanding potential threats and vulnerabilities
- Recommend and enforce proper control and prevention techniques
- Investigate and respond to computer related security events
- Provide forensic analysis and reporting for security incidents
- Work closely with the IT systems administrators and applications developers
- Maintain and update security documentation
- Participate in incident response and contingency planning components
- Provide feedback and suggestions on ways to improve the BroadSoft performance and risk posture
- The Information Security Analyst will report to the Director of BroadCloud Engineering
- Minimum 5 years of experience in cyber-security
- Current CISSP Certification is required
- Must possess experience with Security Information and Event Management (SIEM) technologies.
- Must possess experience with CIS level server hardening.
- Must possess experience with vulnerability assessment and management technologies.
- Must possess experience with penetration testing tools.
- Must possess experience with host and network based intrusion detection solutions.
- Must possess experience with file integrity monitoring solutions.
- Must possess experience with anti-virus/anti-malware solutions.
- Must possess strong communication skills, both written and oral.
- Experience with NIST, FedRAMP, FISMA, & ISO 27001 security compliance frameworks and policies highly preferred