Cyber Security Analyst

Description

The Cyber Security Analyst (CSA) is responsible for assisting with securing the firm’s various information systems. Reporting to the Chief Technology Officer, the CSA provides technical expertise in network, system, and application security. The CSA works closely with the various teams in the Information Technology department to ensure that systems and networks are continuously designed, developed, deployed, and managed, emphasizing robust and effective security and risk management controls. The CSA leads the company’s vulnerability management program, manages the annual cybersecurity assessments and penetration tests, and researches and reports on emerging threats to help the company take pre-emptive risk mitigation steps. The CSA effectively correlates and analyzes security events within Java’s unique environment to proactively detect threats and mitigate attacks before they occur.

Key Responsibilities

• Proactively monitor the environment(s) to detect and implement steps to mitigate cyber-attacks before they occur.
• Provides technical expertise regarding security-related concepts to operational teams within the Information Technology Department and the business.
• Review, investigate, and respond to real-time alerts within the environment(s).
• Review real-time and historical reports for security and/or compliance violations.
• Monitor online security-related resources for new and emerging cyber threats.
• Assesses new security technologies to determine potential value for the enterprise.
• Conducts vulnerability assessments of company systems and networks.
• Manage systems owned by the Information Technology teams.

Qualifications

• A four-year college degree or equivalent industry training and certifications.
• Technical knowledge of enterprise-class technologies such as firewalls, routers, switches, wireless access points, VPNs, and desktop and server operating systems.
• Thorough understanding of Microsoft’s enterprise technology platform, including Azure, Active Directory, SQL, Office365, and the Windows server and desktop operating systems.
• Proficiency with Windows PowerShell.
• Strong writing skills and the ability to articulate security-related concepts to a broad range of technical and non-technical staff.
• Working experience creating, implementing, and managing a threat-hunting program within a corporate environment.
• Demonstrated experience implementing and/or enforcing security and compliance frameworks such as NIST, Cobit, ISO, etc.
• Be a proficient problem-solver that can work autonomously.

Desired Qualifications

• One or more of the following certifications: CEH, CISM, CompTIA Security , CISSP, GSEC
• Experience with managing and securing both on-premises and hosted systems and applications.
• Experience with application and database security.

Job Type: Full-time

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Health insurance
• Life insurance
• Paid time off
• Vision insurance

Schedule:

• Day shift
• Monday to Friday

Work Location: In person