The information security analyst is a senior member of the information security team and works closely with the other members of the team as part of a comprehensive information security program. The security analyst works with the IT department to select, test and deploy technical controls to meet specific security requirements, and defines processes and standards to ensure that security configurations are maintained. Finally, the security analyst works with product development groups to ensure the organization's products have appropriate technical safeguards around customer and consumer information.
This role reports to the Information Security Manager.
Security Testing, Analysis and Quality Assurance
The Senior IS Security Analyst will conduct offensive attacks, within an authorized, documented scope, against the organization's information systems and products. In doing so, the analyst will test, document and classify security weaknesses, and work as an adjunct member of all project teams responsible for remediating the issues. In addition, the analyst will act as a liaison to the security monitoring and incident response teams, working closely with them to ensure that data generated by systems under attack is detected accurately and quickly by defensive systems and processes.
These activities include:
- Assessing the organization’s network security posture through the use of automated tools and manual techniques to identify and verify common security vulnerabilities.
- Using creative approaches to identify vulnerabilities that are commonly missed in automated or 3rd party security assessments.
- Exploiting vulnerabilities and identifying specific, meaningful risks to the organization based on industry and business focus.
- Performing complex wireless attacks against both wireless clients and access points.
- Using social engineering techniques to obtain sensitive information, network access and physical access to organization sites.
- Assessing physical security controls by lock picking, camera evasion, tailgating, dumpster diving and other evasive techniques.
- Executing opportunistic, blended and chained attack scenarios that combine multiple weaknesses to compromise client environments.
- Creating comprehensive assessment reports that clearly identify root cause and remediation strategies.
- Working with global IT and line of business staff to gather information, clarify scope and investigate security controls.
- Executing projects using established methodology, tools and documentation, in both agile and waterfall methodologies, as needed.
- Continuously improving methodologies, toolsets and offerings through collaborative development work and by updating team documentation.
The Senior IS Security Analyst will exercise or support the preparedness of various parts of the organization to respond to IT security incidents via the following activities:
- Assists in the development of security architecture and security policies, principles and standards.
- Researches, evaluates, designs, tests, recommends and plans the implementation of new or updated information security technologies.
- Researches and assesses new threats and security alerts, and recommends remedial actions.
- Provides guidance for security activities in the system development life cycle (SDLC) and application development efforts.
- Participates in organizational projects, as required.
Formal Education Requirements:
Bachelor’s degree in Business Administration, Information Systems, Computer Science or Information Assurance.
Experience and Skills
- Familiarity with major data security standards and regulations, such as Sarbanes-Oxley, PCI-DSS, HIPAA HITECH, ISO 27000 series, NIST SP800-53, NIST Cybersecurity Framework Core, FFIEC or DoD/DISA standards.
- At least ten years of information technology experience, with at least five of those dedicated to information security.
- Prior experience acting as a technical team leader.
- Ability to work within a dynamic, agile project execution environment, leveraging Scrum methodologies to plan, prioritize and execute projects in an iterative fashion.
- Understanding of IT governance and service management processes, including ITIL, COBIT standards, DevOps execution methods and Lean / TQM process optimization methodologies.
- Ability to create reports and conduct analytics, including basic statistical modeling.
- Understanding of enterprise infrastructure and application architecture, including the functions of common business applications within the operation of the organization.
- Fluency in at least one scripting language, such as Python, Ruby or PowerShell, as well as an object-oriented language, such as C#, Java, or C++.
- Understanding of application development within MVC and AJAX frameworks.
- Understanding of concepts and challenges in securing industrial control and IoT environments.
- Experience using ITSM applications for IT service management, such as demand, incident, problem and change, as well as development management systems for defect tracking, automated code review, QA and deployment, such as ServiceNow, JIRA, Jenkins CI, Docker, etc.
- Ability to perform work process analysis with an eye toward automating or outsourcing non-value-added work to ensure that the security team’s overall work processes are continually optimized.
- 3+ years of primary responsibility in deploying and maintaining defensive network systems, such as firewalls, IDS/IPS, anti-malware, DLP and anti-spam.
- 3+ years of general network and IT system administration, including Windows, Unix/Linux platforms, middleware platforms, such as databases and application servers, and underlying network and hardware infrastructure, as deployed in enterprise IT systems.
- 3+ years of non-administrative work in information security / information assurance, including highly technical, hands-on work conducting both offensive security testing and defensive security operations.
The Senior IS Security Analyst acts in a technical leadership role and must, therefore, demonstrate mature leadership behaviors in the following areas:
- High levels of integrity in the conduct of personal and professional affairs
- Calmness and clarity of thought under pressure
- Ability to maintain confidentiality
- Ability to maintain the goals and culture of the organization
- Understanding of strategic business objectives and the ability to drive results toward those objectives
Under normal operating conditions, this role will work to the usual organizational policies and norms of the broader team.
If the IS Security Analyst is notified outside of normal working hours of a potential incident, then the IS Security Analyst will be expected to perform the role out of hours to the extent required to protect the organization.
The IS Security Analyst will be expected to ensure that persons involved in incident response work are suitably equipped to operate out of hours and off-site where desirable.