Security Analyst

location: Erlanger KY

Position Summary:

The Information Technology Analyst is a member of the Security Engineering team and be responsible for ensuring the security of information systems assets, to protect systems from intentional or inadvertent access or destruction.

Job Responsibilities:

• With minimum supervision review firewall and proxy requests and evaluate for adoption to ensure that they conform to current security best practices and current security policy.

• Ability to assess business and technical requests and evaluate the risk to ensure effective and pragmatic security mitigations are in place or work with requestor to provide remediation requirements to meet the business objectives.

• Represent the Global Information and Cyber Security (GICS) function in change and incident processes, evaluate for adoption to ensure that they conform to current security best practices and current security policy.

• Establish and continually evolve the ongoing processes and procedures for Global firewall and proxy change requests.

• Use ticketing system for documenting and processing requests and incidents in which Global Information and Cyber Security (GICS) are involved.

• Use existing tools and procedures to verify IT infrastructure and applications are compliant to IT Policy; apply network & server administration skills and knowledge to guide system level administrators in IT Policy compliance

• Articulate impact and requirements of IT assets as it relates to requests and involve more senior level team members at appropriate times for recommendations on approval decisions.

• Support the Vulnerability Remediation program

o Conduct and interface with Attack Surface Management team on assessments and administrative audits on computer systems and network devices as part of request and approval process.

o Schedule, coordinate, and track the remediation of open vulnerabilities for assets owned by Global Information and Cyber Security (GICS).

o Coordinate the assignment of vulnerabilities for assets owned by Global Information and Cyber Security (GICS) applications and tools to the respective teams for resolution.

o Monitoring of metrics and performance indicators for the vulnerability remediation program, including reports to the appropriate management and team members.

• Assist overall Global Information and Cyber Security (GICS) functions as directed.

• Must display enthusiasm and interest in IT Security

• Senior Analyst experience, must have high level experience so ramp up time is short 7-10 years’ experience in IT, 5 in security. Flexible based on the role.

• Functional experience in Service Desk platforms (Service Now, SOC Module)

• Ability to assess business and technical requests and evaluate the risk to ensure effective and pragmatic security mitigations are in place or work with requestor to provide remediation requirements to meet the business objectives Position is in Office,

• Erlanger KY, not remote or hybrid Currently Project based only.

Other Specific Job Tasks

ITSM – Service and Incident Request tasks

• Vulnerability Item reviews

• User Account lock out

• New software request – software sandboxing

• Network Security – New and Change

o Firewall

o Proxy

Other Global Information and Cyber Security Tasks

• Participate, review, and evaluate risk, and provide security recommendations in the Change Review process for requests sent to GICS

• Perform Application vetting (Business and OT)