Previous Job
Information Security Analyst II
Ref No.: 18-00256
Location: Hood River, Oregon

Title: Information Security Analyst II
Location: Bingen, WA
Type: Contract (6 months)

Monitors computer network/information security measures and controls. Implements applications and provides ongoing infrastructure maintenance. Conducts user compliance monitoring and documents findings. Performs or assists with system and equipment risk assessments and tests. Identifies and documents functionality, security measures and vulnerability issues. Implements system security patches. Reviews system logs and identifies anomalies. Conducts limited penetration testing and recommends systems risk level. Implements security controls, performs active threat monitoring and documents or elevates security events. Performs initial response to security breaches. Determines extent of breach and recommends or implements remediation steps. Gathers data and assists with system forensic analysis or malware and prepares security reports. Conducts or assists with required security awareness training.

Primary Duties and Responsibilities:
Assists in the ongoing engineering and operation of the Security Operations Center's Security Information and Event Management (SIEM) tool, as well as other security technologies. Must be able to identity and respond to malicious events in real-time. The candidate will work with other technical functions to reduce the false positive and suppress duplicate alerts associated with deployed security technologies. The Security Analyst will respond to security incidents and generate targeted alerts for suspected areas. Assists in the creation of an end-to-end technology strategies to address current and future security concerns, emerging threats, regulatory compliance and alignment with technology and the business. The Security Analyst must bring to the table, knowledge of security threats (external, internal, etc..), vulnerabilities and controls, and possess the ability to assess applicability of those variables to company's business initiatives and business strategies. The Security Analyst must manage minor projects / tasks and provide regular reports of progress to the Information Security Manager.

Required Skills and Abilities:
- Prefer candidates with prior experience working in a security operation centers
-Must have analytical skills for reviewing and responding to Security events in a business environment
- Must have experience with various networking and security tools such as firewalls and intrusion detection systems
- Knowledge of cyber security incident response protocols (e.g., identification, impact assessment, containment, remediation, evidence handling, technical reporting, etc.) and safeguarding information
- Ability to identify susceptibility, survivability, and vulnerability (S/V) of the systems, subsystems and delivery mechanisms, based on the knowledge of characteristics and capabilities of threats (e.g. protocol exploits, identity spoofing, malware injection techniques, application layer vulnerabilities)
- Ability to instruct others on discipline specific operations, tasks or systems
- Ability to perform technical evaluation and analysis of computing systems and infrastructure to identify underlying security vulnerabilities; communicate vulnerabilities, threats, resulting risk and recommended remediation to system owners
- Must have excellent communication skills and ability to work with technical and non-technical employees

Technical Bachelor's Degree and 2 or more years related work experience or a Master's Degree. A technical degree is defined as any four-year degree, or greater, in mathematics, sciences or technologies.
Strongly prefer candidates that have current certification related to Information Security.