Primary Purpose: The IT Security Analyst is responsible for monitoring, assessing, and maintaining security policies and integrity of infrastructure, systems, and data in collaboration with all HES IT departments and business. The Analyst will assist Heritage Security group and Managed Service Providers with security-related day to day activities, projects, utilizing a large range of security related technologies designed to protect the company’s sensitive data and assets and infrastructure. Responsibilities include monitoring configurations, managing, and responding to alerts and activity from endpoint EDR platforms, Syslog and SIEM collectors, vulnerability management platforms, network security and firewall platforms and other intrusion and detection systems.
Essential Functions And Requirements
• Ensures Health & Safety is the number one goal by following policies, processes, and acting in a safe manner at all times.
• Log analysis, monitoring, remediation, and reporting.
• Systems configuration review and maintenance.
• Vulnerability assessment review and reporting.
• Assist with development, implementation, and management the IT security awareness program.
• Alert response, remediation, and reporting from several security platforms.
• Assisting HES IT Service Desk with security related incidents or tickets.
• Incident monitoring, triage, and remediation.
• Monitoring, evaluating, and responding to end user risky behavior alerts.
• Monitoring multifactor authentication requests and changes.
• Proactive threat hunting using existing systems.
• Keeping other HES IT departments informed of any new or emerging threats.
• Be an essential part of executing all tasks or projects as put forth in the IT security strategic plan.
• Regular reviews with MSPs to evaluate performance and procedures.
• Travel up to 25%
Our organization believes that each employee makes a significant contribution to our success. That contribution should not be limited by the assigned responsibilities. Therefore, this position description is designed to outline primary duties, qualifications, and job scope, but not limit the incumbent nor the company to just the work identified. We expect that each employee will offer his/her services wherever and whenever necessary to ensure the success of our endeavors.
Education: Bachelor’s degree in Cybersecurity required. In lieu of degree 6 years equivalent experience required.
CISSP preferred, Sec+ as a minimum. CISA, CRISC, and/or Cloud Security knowledge a plus
Experience: With degree, minimum 2 years of proven work experience as an IT Security Analyst or similar role with the following technologies required. In lieu of degree 6 years of proven work experience as an IT Security Analyst or similar role with the following technologies required.
• SIEM or Log analysis
• Email security platforms
• IT Security Awareness training
• Vulnerability analysis
• Thorough understanding of the latest security principles, techniques, and protocols
• Experience with NIST 800-53, 800-171, and/or CMMC a plus
Knowledge and Abilities: Excellent problem-solving skills. Ability to work under pressure. Exceptional customer service orientation. Regular and predictable attendance is an essential function of this job.
A post offer drug screen will be required.
EEO including disability/veteran
Tagged as: Security analyst