POSITION SUMMARY: The Information Security Analyst will work on all aspects of
information security . The position is responsible for securing
information in all its forms and reducing risk as it relates to data,
facilities, and personnel through the deployment and operation of security
tools and processes. This includes architecture, change management,
endpoint and server security, policy, operations, development, training, and
incident response. This position is a senior technical escalation resource and
liaison for client support teams dealing with endpoint, server, networking, and
security issues.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Acts
as a contact for escalations from corporate IT ticketing system client
support for security-related issues and leads problem resolution.
- Leads
the deployment and support of existing client programs where there is a
security nexus.
- Provides
expertise for Governance, Compliance and Risk standards and control
families.
- Ensures
that security architectural and hardware changes do not introduce risk or
adversely impact network and client support operations.
- Collaborates
across the IT organization to ensure the needs of relevant stakeholders
are addressed and participates in organization-wide projects.
- Monitors
advanced security reporting and data loss prevention (DLP) tools and
platforms. Analyzes logs and collected data to detect and prevent possible
breaches. Prepare reports as needed on security incidents; develop, lead,
and implement remediation responses.
- Assists
in maintenance of the physical security and badging systems at local and remote locations.
- Conducts
vulnerability testing to detect problems with networks and
systems. Reports results to operations teams and advises on the
remediation and possible impact.
- Serves
on the Incident Response team to quickly identify, contain,
analyze, remediate, and document security incidents.
- Remote
support and on-call hours may be required on a rotational basis.
- Continuously
improve information and cybersecurity at through research,
testing, and implementation of new technologies, tools, and improvements
to existing tools, processes, or designs; makes recommendations to the
Information Security Manager.
- Performs
other duties as assigned.
CORE COMPETENCIES: To perform the job successfully, the individual
should demonstrate competencies in performing the essential functions of this
position by performing satisfactorily in each of these competencies.
- Problem
solving: Identifies and resolves a diverse range of moderately complex
problems in a timely manner, gathers and reviews information
appropriately. Exercises judgment within company policies and practices;
seeks input from other team members as appropriate for complex or
sensitive situations.
- Oral/written
communication: Listens carefully and speaks clearly and professionally in all
situations. Edits work for accuracy and clarity, Is able to create, read
and interpret complex written information. Ability to build productive
relationships with senior internal and external personnel in own area of
expertise.
- Planning/organizing:
Prioritizes and plans work activities, organizes personal and project
timelines and deadlines, tracks project timelines and deadlines, and uses
time efficiently.
- Adaptability: Adapts
to changes in the work environment, manages competing demands and is able
to deal with frequent interruptions, changes, delays, or unexpected
events. Ability to quickly integrate new tools and processes
- Dependability: Consistently
on time and at work, responds to management expectations and solicits
feedback to improve performance.
- Team
Building: Capable of developing strong interpersonal networks and trust
within the organization. Leads consensus by involving all stakeholders,
facilitating their understanding of differences, agreeing on requirements
and constraints, and developing the best solution.
- Safety
Culture: Adheres to the Safety culture and is expected to
model safe behavior and influence peers to meet high standards.
- Quality
Assurance: Demonstrates understanding and implementation of quality
assurance regulations, standards and guidelines of 10 CFR 50 Appendix B,
10 CFR 21, and NQA-1.