At FCS Financial, part of the nationwide Farm Credit System, we are looking for a Cyber Security Analyst to join our Security Team!  FCS Financial is a member of the largest agriculture lending cooperative in the United States today. FCS is seeking a pro-active, confident, and flexible individual. If you are looking for an opportunity in security management, this career opportunity is for you!  The Cyber Security Analyst's main focus is to protect organizational data assets from unauthorized access disclosure, modification, or destruction using a variety of methods including training, testing and security tools.  The Cyber Security Analyst assists the implementation of the FCS Financial Information Security program.

All FCS Office locations (Cameron, Chillicothe, Columbia, Farmington, Hannibal, Harrisonville, Higginsville, Jefferson City, Joplin, Lebanon, Macon, Maryville, Mexico, Nevada, O’Fallon, Sedalia, Springfield, St. Joseph, Union, and West Plains), along with a Remote Work Environment will be considered based on the candidates’ qualifications and needs.

This position is classified as Exempt under the Fair Labor Standards Act.

This position is open until filled.

Department:   Information Services       

Reports To:  Chief Information Security Officer

Supervises:   None

Preference will be given to an applicant with CISSP, GMON, GCIA, CGIH or similar certification.  

Responsibilities

Job Functions*

Percentage

Job Functions

30%

Data and Information Security Monitoring and Automation

• Keep current with emerging security alerts and issues.
• Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
• Monitor server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interpret activity and make recommendations for resolution.
• Design, implement, and report on security system and end user activity audits.
• Work with technology partners to utilize technical systems and monitor them for unusual and suspicious activity across a wide range of products, data centers, and cloud systems.

30%

Incident Analysis and Response

• Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
• Investigate possible security exceptions, administer incident response procedures and coordinate with internal personnel or external agencies as needed.
• Perform cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
• Recommend and schedule (where appropriate) fixes, security patches, disaster recovery procedures, and any other measures required in the event of a security breach.
• Track and document cyber defense incidents from initial detection through final resolution.
• Assist CISO with coordination of incident response functions.

25%

Cyber Intelligence and Vulnerability Management

• Remain current with new security threats and assess systems and solutions to ensure they can defend the business.
• Work with CISO to ensure cybersecurity-enabled products or other compensating security control technologies or processes to reduce identified risk to an acceptable level.
• Analyze cyber defense policies and configurations and evaluate compliance with regulations and organizational directives.
• Conduct and/or support authorized penetration testing on enterprise network assets.
• Prepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions.
• Perform technical and non-technical risk and vulnerability assessments of relevant technology focus areas (e.g., cloud, local computing environment, network and infrastructure, supporting infrastructure, and applications).

15%

Planning

• Participate in the planning and design of enterprise security architecture, under the direction of the CISO and VP of Technical Operations, where appropriate.
• Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the Chief Information Security Officer, where appropriate.
• Participate in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan, under the direction of the Chief Information Security Officer, where appropriate.
• Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security
• Participate in the design and execution of vulnerability assessments, penetration tests and security audits.
• Recommend data security policies, procedures, standards and practices designed to minimize the risk of a breach and ensure the timely detection and containment of security incidents

n/a

Other duties as assigned to meet the needs of the organization.

* Essential Functions for this position consist of all items listed under any category that make up 5% or more of the job duties.  This job description is subject to change without notice.