Information Security Analyst Remote or Hybrid - Parsippany, New Jersey United States - 45005

This closed position was filled. Check out our Jobs Search Page for our current open positions similar to this one.

JOB DESCRIPTION

Job #: 45005
Title: Information Security Analyst Remote or Hybrid
Job Location: Parsippany, New Jersey - United States
Employment Type:
Salary: $65,000.00 - $85,000.00 - US Dollars - Yearly
Other Compensation: Plus Bonus
Employer Will Recruit From: Regional
Relocation Paid?: NO

WHY IS THIS A GREAT OPPORTUNITY?


PLEASE NOTE!!!  If you're applying for the 100% Remote option you must  reside in NJ, NY (Not NYC) PA, GA or FL.

Rapidly growing, rock solid Financial institution with tremendous career growth opportunity.  Not to mention that the staff and mangement teams are some of the nicest most professional folks we've come across in a long time!

JOB DESCRIPTION

 

The Information Security Analyst is responsible for monitoring, technical support and/or administration of a wide range of security countermeasures, tools, and technologies, including, but not limited to firewalls, access management systems, proxies, SIEM tools and scanning systems.

They will interact with external vendors and service providers to ensure solutions and services are securely implemented, and; they will work directly with the Information Security Team and other departments to prevent, detect, and respond to security incidents, as well as implement best practices, and manage security tools and devices across the enterprise.

The Information Security Analyst must be able to work independently, make decisions based on sound security principles, and be proactive in identifying issues, and troubleshooting problem

• Perform data analytics to validate results of existing controls; identify potential gaps; document results of validation activities.

• Triage reported phishing emails to determine which present a threat to the environment.

Coordinate implementation of control rules to handle identified threats.

Escalate any phishing tickets where there is uncertainty on the potential threat or required control.

• Review security violation reports and investigate possible security exceptions and anomalies.

• Identifying adverse events in a timely manner, reach an understanding of the potential impact of events and anomalies, and ensuring corrective actions are taken when appropriate.

• Create and produce a variety of system reports on a scheduled basis to track trends in system activity.

• Produce and maintain metrics based on monthly vulnerability assessment.

• Prepare and document standard security operating procedures and protocols.

• Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.

• Ensure that the company knows as much as possible, as quickly as possible about both internal and relevant external security incidents.

• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.

• Create management reports from monitoring systems including but not limited to phishing, malware, data leakage, Active Directory, Data Classification, application whitelisting and patch management.

• Leverage Security Information and Event Management (SIEM) system to produce accurate, actionable results.

• Communicate effectively with management and peers on projects and in problem/incident situations.

• Maintain appropriate procedures documentation and consult with Security Operations staff on policy maintenance and development.

• Stay abreast of Information Security threats and trends through monitoring of FS-ISAC alerts, newsletters and other industry information sources.

• Perform any other related duties as required or assigned.

QUALIFICATIONS

3-5 years’ related experience and/or training in Information Technology/Information Security or equivalent combination of education and experience.

• Understanding of common network components (WAN, LAN, routers, switches, firewalls) as well as common server and user endpoint hardware and software, and how these components interact in an enterprise environment.

• Knowledge of issues and problems related to information security including phishing.

• Strong technical background in systems and networking including host-based security and application logs, logs from various security sensors, as well as enterprise email solutions, cloud hosting, and protocols such as HTTP, DNS and SMTP.

• High level of integrity and sound judgment concerning security, privacy issues and complex situations.

• Strong service commitment.

• Excellent written and verbal communication skills.

• Excellent planning skills.

• Ability to work as a productive, responsible, self-motivated member and/or leader of a team.

• Ability to work independently and manage time effectively.

• Ability to solve practical problems and deal with a variety of known and unknown variables in situations where only limited information exists.

• Intermediate proficiency with Microsoft Office programs such as Outlook, Word and Powerpoint; Advanced proficiency with Microsoft Excel including pivot tables.

• High School diploma.

Preferred Qualifications:

• Technical degree in Computer Engineering, Computer Technology, or similar discipline.

• Certified Information Systems Security Professional (CISSP), Systems Security Certified Practitioner (SSCP), and/or GIAC Certification, or willing to pursue a relevant certification within 12 months of employment.

Education:
University - Associate's Degree/Graduate Diploma/2 Years