|December 11, 2023
Job Title: Cyber Security Analyst
Responsible for the day-to-day operations of securing the company's various information systems. The CSA is tasked with providing technical expertise in all areas of network, system and application security. The CSA works closely with the IT department to ensure that systems and networks are always designed, developed, deployed and managed with an emphasis on strong, effective security and risk management controls. The CSA leads HEBCO's vulnerability management program, manages cyber tools used for monitoring the IT infrastructure, manages the annual cybersecurity assessments and penetration tests, and researches and reports on emerging threats, to help the company take pre-emptive risk mitigation steps. The CSA effectively correlates and analyzes security events within the context of HEBCO's environment to proactively detect threats and mitigate attacks before they occur.
ESSENTIAL FUNCTIONS AND RESPONSIBILITIES
• Proactively search and monitor the environment to detect and implement steps to mitigate cyber-attacks before they occur.
• Provides technical expertise regarding security-related concepts to senior management.
• Review, investigate and respond to real-time alerts within the environment.
• Review real-time and historical reports for security and/or compliance violations.
• Monitor online security-related resources for new and emerging cyber threats.
• Assess new security technologies to determine potential value for the enterprise.
• Conducts vulnerability assessments of HEBCO's systems and networks.
• Responds to specialized data requests as needed.
• Consults with managerial and technical personnel to identify problems and suggest changes.
• Other duties as assigned.
KNOWLEDGE, SKILLS AND ABILITIES REQUIRED
Knowledge of enterprise class technologies such as firewalls, routers, switches, wireless access points, VPNs, desktop and server operating systems.
Thorough understanding of Microsoft's technology platform, including Azure, Active Directory, SQL, Office365, and the Windows server and desktop operating systems.
Proficiency with Windows PowerShell.
Working experience with specialized software that simplifies the task of collecting and managing massive volumes of data and searching for information within the dataset (e.g., Splunk).
Strong writing skills, as well as the ability to articulate security-related concepts to a broad range of technical and non-technical staff.
Working experience with creating, implementing, and managing a threat hunting program within a corporate environment.
Demonstrated experience implementing and/or enforcing security and compliance frameworks such as NIST and ISO.
Be a proficient problem-solver that is able to work autonomously.
Knowledge of internet architecture, web interface programming functions, controls, and best practices.
Five years of experience in a security analyst or related position.
Experience with managing and securing both on premise and hosted systems and applications.
One or more of the following certifications: CEH, CISM, CompTIA Security+, CISSP, GSEC.
Bachelor's degree in a technical discipline such as computer science, information services or related field
Skills & Requirements Qualifications