Information Security/Cybersecurity Analyst

at ITAC Solutions, LLC
Published March 19, 2019
Location Birmingham, AL
Category Default  
Job Type Full-time  

Description

ITAC Solutions is helping a large client in the financial sector of Birmingham search for an Information Security/Cybersecurity Analyst!!

This person will be responsible for protecting the confidentiality and integrity of customer, employee, and business information in compliance with organization policies and standards.  Responsibility includes: monitoring, incident response, forensics and investigations, threat intelligence, scanning, penetration testing, technology evaluation, security reviews, security tools/systems administration, reporting and standards/procedures development.

The ideal candidate would need to have relevant experience level with an in-depth track record of success in an Information Security/Cybersecurity field including experience in architecting, designing and/or administering secure IT solutions.

This is a direct hire role.

What you’ll be doing (duties of this position):

  • Support the implementations of cybersecurity tools, and the patch and remediation process for workstations, servers, and infrastructure.
  • Assess procedures to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access, modification or destruction. 
  • Make improvement recommendations
  • Recommend and implement the controls and control systems to protect information integrity against accidental modification, disclosure, or destruction.
  • Provide evidence of the performance of controls.
  • Assist in providing support of the enterprise vulnerability management program
  • Implement procedures that support the Information Security function.
  • Provide a single point of contact for security related topics and problems.
  • Support access request processing.
  • Execute periodic reviews on the security implementation related to security policies, standards and guidelines.
  • Conduct research to keep abreast of latest security issues
  • Prioritize remediation of gaps based on internal and external audits
  • Periodically evaluate network and system security requirements and recommend and develop the necessary modifications to policies, standards and procedures.
  • Support Department Managers and Business Units in the execution of their security responsibilities.
  • Monitor and assist in implementation of main office and regulatory agencies’ information security standards, policies, and procedures.
  • Performs security monitoring and follow-up on incidents. Reports exceptions to senior management when necessary.
  • Provides assistance to Department Managers, Operating Support Units and to the Data Owners in the risk assessments of their data and of the systems owned by the lines of business.
  • Assist in the development of short and long-term security infrastructure.
  • Investigate, evaluate, document and correct actual or potential security exposures when identified and make recommendations for corrective action to senior management and / or Head Office.
  • Protect the confidentiality of the organization from unauthorized internal and external threats by conducting periodic reviews of critical applications and systems.
  • Evaluate new systems or applications as needed to identify security issues.
  • Conduct, with the assistance of external consultant, penetration tests to evaluate internet and intranet security.
  • Assist in planning and execution of vulnerability testing for application systems and the network environment
  • Prepare security and compliance reports by collecting, analyzing, and summarizing data
  • Experience supporting SOX & PCI Compliance by reviewing, reporting, and tracking of key controls

What you’ll need to be considered (requirements):

  • Minimum of 4 years of experience in IT Risk, Cyber Security, and/or InfoSec or similar knowledge of information security regulations.
  • Working knowledge of security monitoring and scanning tools
  • Experience in working with data loss prevention and other data security systems required
  • Strong critical thinking expertise to identify incidents and threats, then perform forensic review and analysis to ensure quick resolution.
  • Proficient PC and software application skills, especially Excel, Access, PowerPoint.
  • Good organizational, writing documentation, reporting and communication skills.
  • Excellent interpersonal skills – ability to interact with all levels of staff.
  • Understanding of corporate security policies, procedures, and standards.
  • Ability to audit, analyze, and assess procedures.
  • Knowledge of assorted security tools.
  • One or more of the following certifications is a must: Security+, CISSP, CEH, GSEC, CISM, CRIS, and CISA or similar.
  • Strong analytical and organizational skills.
  • Strong presentation skills
  • Spanish proficiency a plus.