Information Security Analyst

Posted 6 months ago

This position supports information security management systems. Responsibilities include vulnerability management program and systems management to ensure compliance and protection of our client’s data assets.

Duties and Responsibilities:

  • Management and administration of our client’s day to day Information Security Infrastructure that includes a variety of technologies, including Web Application Firewall, Mobile Device Management, Multi-Factor Authentication, Data Loss Prevention technologies.
  • Provide support for SIEM and IAM Program Managers.
  • Analyzes and assess vulnerabilities in the infrastructure.
  • Own and manage multiple security incident / problem records impacting the enterprise infrastructure [Servers, Clients, Mobile and Network].
  • Follow industry best-practices for security incident, problem and change management (ITIL).
  • Document security process, procedures, and standards.
  • Project support for both IT and business initiatives requiring security infrastructure and services.
  • Implement and manage the SANS 20 Critical Controls for Effective Cyber Defense.
  • Ongoing management of our client’s vulnerability assessment program.
  • Follow up on deficiencies identified in monitoring reviews, vulnerability assessments, and automated assessments to ensure appropriate remediation measures have been achieved.
  • Manage and track and track risk mitigation efforts and ensure that risks are managed appropriately and in a timely manner.
  • Monitor current state and provide reporting and trending.
  • Stay current with cyber security threats and trends.
  • Assist with development and testing of security incident response plan.
  • Develop metrics and reporting to demonstrate information security control effectiveness.
  • Develop and promote activities to create information security awareness within the organization.
  • Assist with security investigation and computer forensic analysis as needed, respond to security emergencies both during and after business hours.
  • Provide periodic audits to demonstrate security control effectiveness.
  • Assist in maintaining compliance with various compliance programs, such as PCI, SOX, and Privacy Regs.
  • Develop and maintain a technology and controls roadmap to address the ever changing threat landscape.
  • Communicate risk posture and risk mitigation effectiveness to Management on a scheduled basis.


  • Education: Bachelors/4 Year Degree Security+ or CISSP.
  • Experience: 5 + years of SIEM, Network, Server, Incident Response, Forensic Investigation.
  • Strong background in security operations, process, solutions and technologies.
  • Strong understanding of policy, compliance, and best practice security principles.
  • Must be able to multitask in a fast-paced environment with focus on timeliness, documentation, and communications with peers and business users alike.
  • Knowledge of all security standards such as ISO/IEC 27001 – Information Security Management Systems.

  • 5+ years of progressively responsible positions in security operations and administration.

Job Features

Job CategoryAnalyst

Apply Online

A valid phone number is required.