Information Security Analyst
Previous Job
Previous
Information Security Analyst
Ref No.: 18-29790
Location: Malvern, Pennsylvania
Start Date: 04/30/2018
Title: Information Security Analyst
Location: Malvern, PA
Duration: Full time/permanent
Job Description:
  • Briefly describe the duties and responsibilities
  • Mitigates and resolves security events and incidents. Analyzes the security impact of each request and resolves the threat. Adds, updates or revokes security access based on the nature of the threat
  • Implements security monitoring rules, monitors security systems, analyzes events and investigates security-related incidents.
  • Partners with the division and the enterprise to develop, communicate and implement roles that meet the business needs and follow security administration policies and standards, while limiting the information security risk.
  • Maintains an awareness of issues, developments, and best practices within the information security discipline.
  • Recommends solutions that can improve or resolve Vanguard security issues
  • Provides problem support within the department and partners with other members of Business Access Management, Information Security, Information Technology and other departments as necessary to identify and resolve security issues.
  • Determines need for Tier 2 or Tier 3
  • Troubleshoots issues to determine root cause, and implements corrective action with minimal supervision.
  • Establishes and maintains effective service relationships with business units and departments by keeping them informed of the status of their security requests and tickets; understanding their business needs and escalating as necessary; providing non-technical answers to security questions; and explaining the rationale behind security policies, procedures and monitoring.
  • Keeps management within the department informed by communicating progress, issues, concerns and opportunities.
  • Assesses and immediately notifies manager of any potential information security breech and security issues that may have a negative impact on business operations
  • Identifies opportunities to improve the quality, efficiency and effectives of the department as well as the processes that affect the divisions and the enterprise.
  • Maintains an awareness of the department's dashboard and provides suggestions to improve performance.
  • Adheres to VGI Information Security policies and department procedures along with following industry best practices.
  • Works with other departments (within and outside of Information Technology) as well as Systems Integration, Tech Ops, Web Services, HR, Legal, and Fraud teams to develop, communicate and implement appropriate and consistent security requirements.
  • Analyzes and provides recommendations to departmental policies, standards and procedures.
  • Interfaces with the Information Security Group and IT on division and company-wide security policies.
  • Documents security requirements, develops/conducts testing, and documents security administration procedures for new and enhanced departmental security tools as well as new technology projects assigned by management. When approved, independently implements security administration solutions
  • Participates in special projects and performs other duties as assigned.
Skills:
  • Information Security Analyst - Incident Handler
  • 3+ years of experience with network security
  • Experience with working Incident Response in a 24/7 SOC environment
  • Experience with security technologies including Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls & Log Analysis, SIEM, Network Behavior Analysis tools, Antivirus, and Network Packet Analyzers, Security Systems Manager, malware analysis and forensics tools.
  • Ability to clearly and concisely document Cybersecurity incident details and escalate appropriately, as required
  • Detailed technical understanding of current cyber security threats, trends, and mitigation techniques
  • Resolves security issues to determine root cause and implements corrective action with appropriate level of assistance.
  • Where necessary, partners with other members of Information Security, Information Technology and business departments.
  • Knowledge of TCP/IP communications and how common protocols and applications work at the network level
  • Executes test cases on security administration tools used by SOC to perform security investigations.
  • Performs quality control steps to determine the quality of the work performed by the team.
  • Identifies opportunities to improve the efficiency and effectiveness of SOC processes and procedures.
  • Participates in projects to implement process improvement.
  • Participates in special projects and performs other duties as assigned.
  • Ability to learn and operate in a dynamic environment
  • Must be willing to work nights, weekends and holidays
  • Performs rotating on-call responsibilities.
  • Must have or be able to attain Security+ Certification within 1 year