Search for More Jobs
Forward job to a friend
Apply without Registering
Apply by creating/using an account
Please enter your registered email address, and we'll email you a link to reset your password right away.
The IT Security Analyst helps lead and manage the provision of outsourced security services and application of IT Security policies and procedures for all business units and control networks. This role works closely with the Director of IT Security and Manager IT Security to ensure that Security Services are provided within the scope of the Service contract as reflected by service levels, the statement of work and pertinent schedules/exhibits. This role also works closely with the Service Provider Delivery management team to track and monitor the overall progress of IT Security Operations processes and small- to medium-sized Security Services projects.
Key outcomes for success include:
Supporting IT Security Operations processes to ensure effectiveness and efficiencies
Assist and support the ongoing assessment and improvement of the Security posture
Under the direction of the Director of IT Security or the Manager IT Security, performs routine assignments in the IT Analyst job band
Respond and participate in management of investigations related to security breaches, incidents and outbreaks in alignment with IT Management and Security Service provider
Participate in coordination of efforts of the Cyber Emergency Response Team (CERT)
Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
Work closely with other IT Departments, business partners, project managers, and Service Providers to perform and/or support operations processes.
Help drive resolution of security operational and service-based issues, reviewing, analyzing and reporting on Service Provider operations, as directed by the Manager IT Security Operations
Resolve or escalate issues related to security operations in a timely manner
Work with of legal hold/preservation order system & coordinate with in-house counsel to collect electronic data for internal review as appropriate
Work closely with the IT Support Services to resolve Service Provider related issues and to help ensure accurate reporting related to Service Provider performance
Work closely with project managers and Service Provider personnel to help track and monitor projects that meet business needs and adhere to agreed-upon service levels (e.g., budget, schedule, quality)
Create and revise policies and procedures to ensure operating efficiency and regulatory compliance.
Facilitate audits of processes related to Security Services.
Assist in ensuring the Service Providers are adhering to defined policies, procedures and standards.
Confirm that Security Services supporting and procedures documentation is available and kept up-to-date
Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.
Maintain a solid understanding of the Service Providers security operations and service delivery capabilities and processes
Interact with Service Provider team members, helping to ensure they are properly qualified and staffed appropriately to meet business needs
Maintain a solid understanding of the scope of the Service contracts as reflected by service levels, statement of work and pertinent schedules/exhibits
Other duties as assigned.
Bachelors Degree or equivalent work experience that provides knowledge and exposure to fundamental theories, principles, and concepts of IT Security
2-3 years of experience in security services or security analysis, deployment and support
Working knowledge of LAN, WAN and VPN technologies
Understanding of OSI model and the role security plays within the stack
Broad understanding of IT Risks and Controls and ability to apply risk and control concepts.
Basic knowledge of the NIST Cybersecurity Framework.
Strong grasp of data privacy, protection, risks and controls.
Experience working closely with service providers, as directed by Management
Knowledge of IT security tools and components, trends and best practices
A strong understanding of the business impact of security tools, technologies and policies.
Solid skills with computer operating systems (Microsoft Windows, Unix, Macintosh and Mainframe) and software (MS Office Suite, MS Project, and other IT applications) and ability to learn new technical concepts quickly
Excellent analytical abilities, including process analysis and development, problem solving and root cause analysis
Strong teaming skills, collaboration, negotiation, communication, organizational, people management and conflict resolution skills
Ability to work in a confidential environment
Willing to travel to business unit or Service Provider locations, as needed
Willingness to be on call or respond to security situations as required by Management
Preferred for Selection:
Business operations knowledge
Vulnerability scanning experience
Malware analysis and Threat analysis
Performing / managing Penetration Testing
General working knowledge of the gas and electric utility industry
Involvement with and comprehensive knowledge of networking fundamentals (routing, firewalls, load balancing, etc.) and network traffic analysis
Experience in viewing and interpreting Windows event log analysis as well as overall security log management
Knowledge of ITIL processes and metrics
Familiarity with applicable legal and regulatory requirements, including, but not limited to, the Sarbanes-Oxley Act, FERC, NERC/CIP.
Working experience with ITIL processes and metrics (ITIL V3 certification a plus)
Demonstrated skills in penetration testing, intrusion detection systems, firewall deployment and management, vulnerability assessments, incident response and/or patch management required
Understands and applies Project Management Fundamentals
Proven track record in managing project (s)
Can work independently in the assigned functional domain
Subject matter expert in one or more of the following in an Enterprise Environment:
Operating systems Windows, Unix, Linux, etc.
Virtualization or Container technologies, VMware, Hyper-V, Citrix, VDI, Docker, etc.
Patch management tools and systems.
Networking including routers, switches, and firewalls
Active Directory, Network Access Control, IDS/IPS, HIDS, SIEM, MDM/EMM, etc.
Demonstrated experience in leading multiple process improvement initiatives
Experience Developing a security program and delivering security projects that address identified risks and business security requirements.
Possess and maintain at least one of the following certifications:
GIAC Security Essentials (GSEC)
Certified Information Systems Security Professional (CISSP)
Certified Ethical Hacker (CEH)
Systems Security Certified Practitioner (SSCP)
EC-Council Certified Security Analyst (ESCA)
CompTIA Security+ (Security+)
Cisco Certified Network Associate - Security (CCNA-S)
Apply by creating/using an account
DIVERSANT (diversant.com) is one of the largest African-American owned IT staffing firms in the U.S. We offer rewarding career opportunities with many of the nation’s leading corporations. Our experienced recruiters understand what hiring managers look for in a candidate and provide our applicants with the proper support and guidance along the entire application and interviewing process. We offer opportunities on a contingent, contract-to-hire, and direct hire basis. At DIVERSANT, we are committed to providing the highest level of service and satisfaction to our customers, consultants, and employees.
DIVERSANT provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, DIVERSANT complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities.
WORK OPPORTUNITY TAX CREDIT
Diversant LLC participates in the Work Opportunity Tax Credit program. ADP Tax Credits administers this program on our behalf. It is vital that you follow the steps listed below in order for the tax credits to be processed. We appreciate your cooperation. Please note participation in this program is voluntary and is a required part of the employment application process. Formal application steps should still be followed.
Work Opportunity Tax Credit Applicant Instructions
• Open https://tcs.adp.com/screen/index.html?cc=diversant
Note: To change the language on screen please select a language from the dropdown box
• Click on Continue to begin
• Please answer each question including electronically signing any applicable forms
• To complete the interview and save your work, please click eSign and Finish
• If applicable, upload any available supporting documents and click Continue