Cyber Security Analyst

*MUST BE WITHIN DRIVING DISTANCE TO THE NASHVILLE METRO AREA*

Responsibilities:

Reports and communicates vulnerabilities to determine objectives, scope, analysis, and the proper actions needed to respond to vulnerabilities.

Partner with stakeholders to document the lifecycle of vulnerabilities and provide recommendations for mitigation strategies.

Collaborate on patch validation and reporting of remediation planning and compensating controls of mitigation to address open vulnerabilities.

Drives remediation efforts including monitoring, tracking, responding, and investigation. Reports and updates MMNA Security Team and Management to drive timely results.

Perform analysis of security threats and process timely tasks to help mitigate the risk of exposure.

Reviews daily intelligence feeds, working with different IT Teams and Business Units to apply technical controls to detect and protect systems.

Must participate in penetration testing engagements with partners and participate in risk assessments, audits, remediation, and other security program deliverables for the organization.

Maintain a common documentation library of standardized procedures and configurations.

Provide Tier 2 support for incidents and problems in designated areas of expertise.

Communicate and collaborate with local IT staff as well as colleagues in Remote Office locations providing professional expertise in information security tasks.

Requirements:

• Bachelor's Degree in Computer Engineering, Computer Science, or a technical field preferred. Additional and direct experience may be substituted in lieu of a degree.

Must understand design, implementation and operational experience with security technologies that includes but is not limited to, IDS/IPS, Firewalls, Log Analysis, DLP, SIEM, Network Behavior Analysis tools, endpoint security, identity and access management and governance technologies.

The Cyber Security Analyst must have a strong understanding of Windows and Linux Server administration and securing operating systems, Active Directory, virtualization, and cloud technologies.

Must have a basic understanding of encryption, load balancers, PKI/SSL/TLS architectures, remote access and VPN, and scripting.

Capability to work with people of all professions and explain complex topics clearly and concisely.

• Proven experience reducing security risks in a highly distributed complex environment.