Job Specifications
Description
The Security Analyst conducts advanced cybersecurity analysis to protect critical infrastructure and assets. This role involves using sophisticated tools for incident detection and response, threat assessments, cyber threat intelligence, software security, and vulnerability risk assessments. The Security Analyst may operate with limited supervision, exercising significant initiative and independent judgment while adhering to policies and procedures designed to mitigate risk.
Examples of Duties
Monitors and analyzes events from cybersecurity tools, network devices, and information systems.
Gathers and analyzes information from various sources to stay informed about emerging threats and vulnerabilities.
Conducts regular security audits and assessments to evaluate the effectiveness of existing security measures and recommend improvements.
Maintains accurate documentation of security incidents, assessments, and procedures. Generates reports for management that outline security issues and provide recommendations.
Assists in the research and implementation of new security strategies, tools, techniques, and solutions to detect, prevent, contain, and mitigate security risks.
Assists in developing and training staff regarding cybersecurity awareness and defensive mechanisms.
Provides support for security-related issues, helping troubleshoot and resolve problems encountered by end-users or systems.
May collaborate on multiple projects with various teams to ensure that security measures are integrated into system designs and implementations.
Passes and maintains background security clearance.
Performs other job-related duties as assigned.
Typical Qualifications
Knowledge and Skills:
Knowledge of computer systems and technology; operational support of networks, operating systems, Internet technologies, databases, and security infrastructure; cybersecurity and information security controls, practices, procedures, and regulations; and incident response program practices and policies.
Skilled in the use of servers, firewalls, secure email gateways, and applicable software; and configuring, deploying, and monitoring security infrastructure.
Ability to resolve complex security issues in diverse and decentralized environments; to plan, develop, monitor, and maintain cybersecurity and information security processes and controls; and to communicate effectively.
Ability to analyze complex data and provide concise direction to others.
Is self-motivated and able to work independently.
Demonstrates sound professional judgment.
Demonstrates tactfulness in handling various situations.
Education and Experience:
Prefer advanced cybersecurity certifications (e.g., CISSP, CEH, CompTIA Security+) or equivalent experience in cybersecurity, network security, or information security systems.
Familiarity with the NIST Cybersecurity Framework (CSF) or similar risk management frameworks.
An associate’s degree in cybersecurity or a related field, or
A combination of education and/or experience may be substituted for one another.
WORKING CONDITIONS (including physical demands)
Must have the ability to observe details at close range and communicate information.
Must be able to operate a computer or other office productivity equipment constantly.
Must remain in a stationary position for extended periods (e.g., 3 hours or more) as needed.
Must be able to stretch, reach, or lift objects or materials that may be up to 20 pounds in weight.
Ability to travel between fieldwork locations.
Ability to travel and partake in company/industry-wide events such as training, seminars, and conferences.
Possess a current, valid driver’s license and the ability to operate a motor vehicle.