Mobile_menu_button_hd

Information Security Analyst

OperationIT

Job Description

CONSULTING, POSSIBLE CONSULT/HIRE As part of the Information Technology Services team, the Information Security Analyst will be assisting in planning, carrying out, and maintaining security measures to protect the University's computer networks and systems.

The position is located in upper Manhattan and will report to the Info Sec Manager. S/he will support the team to ensure Information Security is seen as a positive advantage to the business, not just compliance, and provide inputs into future strategy and other areas of the wider Information Assurance remit.

RESPONSIBILITIES
-Examine alert entries provided by security providers (Firewall, SIEM, Cloud Services, Endpoint protection tool)
-Install, make functional, define processes for the SIEM. Work with the vendor to have it operational.
-Report any unusual activity depending on their severity
-Finetune all sensors from monitoring devices.
-Update operation security procedures.
-Follow up on every open security incident with the assigned technical team/person
-Create automated report based on defined metrics to perform gap analysis.
-Help enforce new and updated policies and report all non-compliant issues found.
-Monitor Administrator access to systems and make recommendations to limit risk exposure.
-Read all messages in the departmental mailbox. Alert and triage any incidents
-Read all REN-ISAC feeds for alerts any incidents that may affect organization.
-Analyze every intake form to insert new systems into the environment.
-Provide guidance as needed to IT and Business partners to ensure secure implementation of processes, systems and services.
-General Counsel liaison with ITS
-Organize and conduct training for all employees regarding security and information safeguarding
-Work with third party vendors on information security incidents.
-Assist on all departmental duties and responsibilities

SCOPE OF RESPONSIBILITY
The Information Security Analyst will be protecting all sensitive information within the organization and hence, must be able to adjust communication style/content to interact with IT, business professionals, academic administrators, faculty, and staff.
The incumbent will be responsible to insure all networks and systems have adequate security to prevent unauthorized access.
-Vulnerability Management and Penetration Testing– Perform vulnerability scans. Review current environment for vulnerability exposure and emerging threats. Participation in the Patch Management Program to identify new patches, rate patch severity, manage monthly meetings, produce metrics, and follow up with responsible parties. Perform Penetration Testing to confirm exploits in vulnerable systems.
-Suspicious Activity Monitoring - Monitor and investigate potential Information Security breaches from various security systems (e.g. IDS, anti-virus, DLP, logs, etc.).
-Introduction or enhancement of security controls. Gap remediation.
-Verify that every endpoint is compliant with the ITS security policy and
-Analyze all requests to approve and restrict all connections to the network.
-Develop reports to share with administrators about the efficiency of security policies and recommend any changes.
-Evaluate, test and recommend security software to implement in The organization's network.
-Must ensure that all security systems are current with any software or hardware changes.
-Plan and document all security information including physical and internet security.

Job Requirements

EXPERIENCE AND EDUCATIONAL BACKGROUND
-Bachelor's Degree in Computer Science or related area,
-4+ years data security experience as analyst or higher
-4+ years IT security compliance experience

SKILLS AND COMPETENCIES
-Solid understanding of all Security Services and how to enable them.
-Proficient in Microsoft Office Suite (Word, Excel, PowerPoint)
-Understanding of Windows and Unix operating system fundamentals
-Solid understanding and hands-on experience of networking systems and firewalls.
-Solid understanding of VPN, IDS/IPS, Endpoint protection, Vulnerability Scan, Encryption algorithms and standards.
-Knowledge and understanding of one of the major Information Security Frameworks (NIST, ISO2700x, SANS)
-Proficient in Microsoft Office Suite (Word, Excel, PowerPoint)
-Hands-on experience of Windows and Unix operating system fundamentals
-Excellent written/verbal communication skills
-Strong interpersonal, analytical, problem-solving, prioritization, organizational skills and attention to detail
-Being able to work with a multi-departmental team
-Ability to handle confidential information responsibly.

Preferred
-Information Security certification a plus: CISSP, CISM, SANS, etc.
-Knowledge of law and regulations surrounding the educational sector (FERPA & GLBA) is a plus
-Knowledge of Business Continuity and Disaster Recovery is a plus
-Programming experience is a plus
-Strong analytical skills to determine the key pieces of information required to make informed decisions. The ability to utilize data analysis tools such as MS Excel (e.g. pivot tables, etc.)
-Project management experience/knowledge, with ability to drive projects to successful completion
-Knowledge of Active Directory

Apply
Apply

Job Snapshot

Location US-NY-New York
Employment Type Contractor
Pay Type Hour
Pay Rate $35.00 - $75.00 /Hour
Store Type IT & Technical

Recommended Jobs for You

Privacy Tips

For your privacy and protection, when applying to a job online:

Never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction.

Terms & Conditions
Snapshot
OperationIT
Company:
US-NY-New York
Location:
Contractor
Employment Type:
Hour
Pay Type:
$35.00 - $75.00 /Hour
Pay Rate:
IT & Technical
Store Type:

Job Description

CONSULTING, POSSIBLE CONSULT/HIRE As part of the Information Technology Services team, the Information Security Analyst will be assisting in planning, carrying out, and maintaining security measures to protect the University's computer networks and systems.

The position is located in upper Manhattan and will report to the Info Sec Manager. S/he will support the team to ensure Information Security is seen as a positive advantage to the business, not just compliance, and provide inputs into future strategy and other areas of the wider Information Assurance remit.

RESPONSIBILITIES
-Examine alert entries provided by security providers (Firewall, SIEM, Cloud Services, Endpoint protection tool)
-Install, make functional, define processes for the SIEM. Work with the vendor to have it operational.
-Report any unusual activity depending on their severity
-Finetune all sensors from monitoring devices.
-Update operation security procedures.
-Follow up on every open security incident with the assigned technical team/person
-Create automated report based on defined metrics to perform gap analysis.
-Help enforce new and updated policies and report all non-compliant issues found.
-Monitor Administrator access to systems and make recommendations to limit risk exposure.
-Read all messages in the departmental mailbox. Alert and triage any incidents
-Read all REN-ISAC feeds for alerts any incidents that may affect organization.
-Analyze every intake form to insert new systems into the environment.
-Provide guidance as needed to IT and Business partners to ensure secure implementation of processes, systems and services.
-General Counsel liaison with ITS
-Organize and conduct training for all employees regarding security and information safeguarding
-Work with third party vendors on information security incidents.
-Assist on all departmental duties and responsibilities

SCOPE OF RESPONSIBILITY
The Information Security Analyst will be protecting all sensitive information within the organization and hence, must be able to adjust communication style/content to interact with IT, business professionals, academic administrators, faculty, and staff.
The incumbent will be responsible to insure all networks and systems have adequate security to prevent unauthorized access.
-Vulnerability Management and Penetration Testing– Perform vulnerability scans. Review current environment for vulnerability exposure and emerging threats. Participation in the Patch Management Program to identify new patches, rate patch severity, manage monthly meetings, produce metrics, and follow up with responsible parties. Perform Penetration Testing to confirm exploits in vulnerable systems.
-Suspicious Activity Monitoring - Monitor and investigate potential Information Security breaches from various security systems (e.g. IDS, anti-virus, DLP, logs, etc.).
-Introduction or enhancement of security controls. Gap remediation.
-Verify that every endpoint is compliant with the ITS security policy and
-Analyze all requests to approve and restrict all connections to the network.
-Develop reports to share with administrators about the efficiency of security policies and recommend any changes.
-Evaluate, test and recommend security software to implement in The organization's network.
-Must ensure that all security systems are current with any software or hardware changes.
-Plan and document all security information including physical and internet security.

Job Requirements

EXPERIENCE AND EDUCATIONAL BACKGROUND
-Bachelor's Degree in Computer Science or related area,
-4+ years data security experience as analyst or higher
-4+ years IT security compliance experience

SKILLS AND COMPETENCIES
-Solid understanding of all Security Services and how to enable them.
-Proficient in Microsoft Office Suite (Word, Excel, PowerPoint)
-Understanding of Windows and Unix operating system fundamentals
-Solid understanding and hands-on experience of networking systems and firewalls.
-Solid understanding of VPN, IDS/IPS, Endpoint protection, Vulnerability Scan, Encryption algorithms and standards.
-Knowledge and understanding of one of the major Information Security Frameworks (NIST, ISO2700x, SANS)
-Proficient in Microsoft Office Suite (Word, Excel, PowerPoint)
-Hands-on experience of Windows and Unix operating system fundamentals
-Excellent written/verbal communication skills
-Strong interpersonal, analytical, problem-solving, prioritization, organizational skills and attention to detail
-Being able to work with a multi-departmental team
-Ability to handle confidential information responsibly.

Preferred
-Information Security certification a plus: CISSP, CISM, SANS, etc.
-Knowledge of law and regulations surrounding the educational sector (FERPA & GLBA) is a plus
-Knowledge of Business Continuity and Disaster Recovery is a plus
-Programming experience is a plus
-Strong analytical skills to determine the key pieces of information required to make informed decisions. The ability to utilize data analysis tools such as MS Excel (e.g. pivot tables, etc.)
-Project management experience/knowledge, with ability to drive projects to successful completion
-Knowledge of Active Directory

Information Security Analyst Apply now