Rye, New York, United States · Compliance 2-2019 · Compliance 2-2019
The IT Security Analyst will deliver a range of support and consultation services in the areas of risk mitigation, quality control, compliance and security.
Perform system monitoring, system auditing, and integrity check functions daily, monthly, quarterly, and annually as dictated in Information Security policies.
Perform accurate and precise real-time analysis and correlation of logs/alerts from a multitude of devices with a focus on the determination of whether said events constitute security incidents
Using third party tools, participate in the performance of internal and external penetration testing to identify and address information system security vulnerability.
Analyze available data sources to identify trends and make recommendations to enhance network, system and data security.
Develop and update appropriate system documentation artifacts under the Risk Management Framework (RMF) with limited guidance and direction from the Senior Manager.
Ensure security of the IT infrastructure, conduct periodic reviews of user IDs, protect the confidentiality and integrity of information, maintain the technical mechanisms and corresponding legitimate access.
Lead configuration change management in accordance with policies and procedures, including documenting, communicating, and coordinating changes.
Provide incident response support and identify and prioritize potential threats.
Assist in design, implement and maintain technical security programs including Vulnerability and Threat Management, Data Loss Prevention, Security Event Monitoring and Response program.
Assist with the creation and maintenance of strategic security requirements, policies, processes and road maps.
Handle execution of the incident response policy, plan, and procedures and ensure proper measures are taken when an IS incident or vulnerability is discovered in accordance with corporate policies and procedures and NCUA compliance requirements.
Assume additional responsibilities and lead special projects as assigned.
3+ years working in IT network environment is required.
2 + years of experience in cybersecurity in a Windows and/or Linux client/server networked environment strongly preferred.
Possess a baseline cybersecurity certification (such as CompTIA Security+)
Splunk or other security information and event management (SIEM) products.
Network technologies such as TCP/IP, DNS, DHCP, switching, routing, and common ports, protocols, and services
Degree in cybersecurity, computer science, or another IS management subject area is preferred
Initiative, creativity, along with the ability to craft clear communications both written and verbally
Strong analytical skills and attention to detail
Creative troubleshooting skills
Possess excellent judgment and professional maturity
Multi-tasking abilities, adaptive and work effectively in a time sensitive and dynamic environment
Medical, Dental and Vision Insurance
401(k) Retirement Savings Plan with Full Employer Match Up to 6%
Flexible Spending Accounts for Health & Dependent Care Expenses