The Security Operations Analyst II will be responsible for providing the direction and technical expertise needed to design, implement and maintain Heartland’s information security environment. This role includes responsibility for implementing appropriate information security policies and procedures, safeguarding sensitive information, prevention of unauthorized access, configuring and managing security software, and participating in daily security operations. The Security Operations Analyst II will also provide assistance with security support requests, as well as conduct vendor, project and technical/ad hoc security reviews. The ability to effectively communicate with all levels of the business regarding security issues while ensuring that the organization’s information assets are properly protected is essential.
Principal Duties & Responsibilities
- Review maintenance and IT infrastructure processes to ensure efficient and adequate security provisions
- Perform security reviews for vendors, projects, and technical/ad hoc process implementations.
- Assess and review current technology infrastructure to identify key risk areas, and ensure adequate levels of controls are in place to address those risks.
- Administer rules and policies for IDS/IPS, web content filtering and web application firewalls.
- Work with other teams to resolve fast moving threats such as malware, spam, and spyware.
- Experience implementing PCI, SOX or SSAE16 technical controls and safeguards is preferred
- Monitor, respond to, and analyze SIEM alerts from monitoring tools.
- Experience with DDoS technologies and mitigation strategies and working experience of web proxies
- Understands vulnerability and threat management in order to safeguard information assets.
- Monitor security threats, analyze vulnerability assessments, and balance security with business rules/needs.
- Responds to security related tickets escalated from various departments, and works collaboratively across multiple teams, to communicate, manage expectations during the resolution of the issue.
- Possess a high degree of integrity and trust along with the ability to work independently or collaboratively.
- Execute computer forensics on an as needed basis.
- Performs other security duties as assigned.
- Occasional long or irregular hours.
- Provide strategic security analytics, metrics and reports.
- Coordinates the assessment of computer systems security risks: investigates and develops contingency plans by undertaking risk analysis, security investigations, surveys and threat assessments.
- Participate as a member of team providing pertinent security information and input to strategic and tactical planning; initiatives and projects planning.
- Provide guidance and leadership to junior analysts
Education & Experience
- Bachelor’s degree or equivalent technical training, and a minimum of (5) years’ experience in Information Security, with at least (5) years’ experience in Information Technology.
- A minimum of 5 years of experience in an information technology security role, with experience in security technologies and controls.
- Analyze and resolve complex technical and business problems
- SIEM experience such as ArcSight, NetWitness
- Strong technical skills with intrusion prevention/detection systems (e.g., Snort, Source-Fire, Palo Alto, McAfee), vulnerability scanning (e.g. Nessus), forensic tools for malware analysis, event log management and alerting systems, etc.
- Hands on experience with next-gen firewalls (e.g., Palo Alto, Check Point, and Radware DefensePro)
- Hands on implementation and management experience with Imperva web application firewall
- Experience with security administration across multiple operating systems and especially Windows, Linux, UNIX/AIX
- Experience managing and leading security projects, including defining requirements, developing project plans, and delivering results.
We are an EOE F/M/D/V.
Global Payments, Inc. provides equal employment opportunities to all employees and applicants for employment without regard to race, color creed, religion, sex, national origin, age, citizenship, disability, veteran status or any other protected status. Those applicants requiring reasonable accommodation to the application and/or interview process should notify a representative of the Human Resources Department.
Disclaimer: The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of responsibilities, duties and skills required.