Cybersecurity Analyst

Description

Cybersecurity Analyst

Open Dealer Exchange (ODE), an affiliate of Reynolds and Reynolds, is looking to hire a Cybersecurity Analyst to join the team in our Southfield, MI office. This position will be part of a team responsible for Analysis and Response of Cybersecurity in a highly regulated and compliant environment. Open Dealer Exchange is a dynamic, exciting place to work. We hire exceptional people and every one of them is empowered to think independently, to take the initiative as an employee and to be innovative. Open Dealer Exchange offers a hybrid work model as well as an excellent compensation/benefit package.

Responsibilities

• Develop procedures and standard reports to identify and verify potential breaches in information security and confidentiality, including validation and regression testing.
• Create and maintain audit artifacts for information systems as part of all System and Environment Audits.
• Develop and manage security awareness training plans across the organization.
• Use tools to monitor and detect potential security issues (EDR, SIEM, Scanners, etc.)
• Provides support, as part of a team, in the following areas: Alert Triage, Risk Assessments, Data Loss Prevention, User Access Reviews, Regulatory Compliance, Security Reporting Tracking & Tools, Vulnerability Scanning & Mitigation, eDiscovery and Forensics, Incident Response Coordination, Communications and Awareness

Qualifications

Job Requirements

• Bachelor’s degree with relevant coursework in computer science or a related field
• 1 - 3 years of related work dealing with regulatory requirements, such as PCI-DSS or NIST.
• CompTIA Security certification or equivalent required
• Will accept any suitable combination of education, training, or experience

Desired Skills

• Experience in compliance testing activities, documentation, self-assessment reporting, etc.
• Ability to evaluate the alignment of processes and controls with policies, standards, guidelines, and best practices
• Familiarity with Governance Risk and Compliance (GRC) solutions and processes
• Stays up to date with current business developments and risk identification
• Experience with credit bureau and financial institution integrations
• Knowledge of third party controls attestation reports (SOC 1 and SOC 2, CIS, HITRUST)
• Proficiency with scanning tools and technology for identifying potential vulnerabilities
• Familiarity with best practices for security (BSIMM, OWASP, etc.)
• Strong understanding of enterprise computing environments and TCP/IP Networks
• Experience with API based applications and standard HTTP(s) methods
• Understanding of securing a Cloud-native and public cloud environment, particularly with Microsoft 365 and Azure
• Experience with Microsoft security toolset (e.g., Defender, Sentinel, Purview).
• In-depth knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
• Understanding of the system hardening processes, tools, guidelines and benchmarks
• Strong technical background in security engineering, system and network security, authentication and security protocols, cryptography, and application security