Previous Job
Previous
Information Security Analyst III
Ref No.: 18-06091
Location: Various Cities, Massachusetts
Position Summary:
Information Security (IS) Analyst  will be responsible for the day to day management of the IT security infrastructure, assisting with articulating technical security requirements, monitoring the effectiveness of existing IT security framework, making recommendations for enhancements, and raising the level of security awareness. You will be part of the security team that safeguards the infrastructure and information across the company worldwide. This role involves design, implementation, monitoring, maintenance and configuration of key security services that will enable the business to meet its strategic goals and initiatives. 
Responsibilities:
IS Analyst will establish strong collaborative relationships with other groups in the organization and will be responsible for the analysis and creation of detailed technical and functional data specifications, data architecture, security policies and standards, establishing data governance to preserve data integrity and security across the organization. 
•    Responsible for testing, deploying and managing suite of security tools and services, including, but not limited, to SIEM, IDS/IPS, DLP, AV, VA scanner, baseline security controls.
•    Perform security assessments & audits, analyze results and assist with the remediation as necessary.
•    Report to management concerns of residual risk, vulnerabilities and other security exposures, including misuse of information assets and non-compliance.
•    Ensure access to all information systems is controlled, both internally and externally, commensurate with the level of potential risk and recommend appropriate remediation.
•    Participate in the security incident response efforts and other security investigation activities as assigned. Co-ordinate remediation with an appropriate sense of urgency and criticality.
•    Define and implement appropriate security requirements for IT and business projects.
•    Provide subject matter expert advice to IT staff in the detection and resolution of security risks.
•    Drive continuous improvement through trend analysis reporting and metrics management.
•    Coordinate multiple projects concurrently and influence the decision making process.
•    Perform product evaluations, recommend and implement products/services for information security team.
•    Works with information security leadership to develop strategies and plans to enforce security requirements and address identified risks.
•    Communicate and report issues, status, and results to senior management.
Requirements:
•    At least 5 years of experience in information security disciplines (Applications, Data, and Networks) with focus on security Architecture.
•    CISSP, CISA or CISM certification is a plus.
•    Strong domain expertise, implementation and/or integration skills in following areas: IAM, SIEM, IDS/IPS, SOC, Threat Intelligence, Cloud Security, Encryption & Key Management.
•    In-depth TCP/IP (and related protocols: ICMP, UDP, ARP, etc.) knowledge 
•    Security vulnerability scanning experience (preferably using Nessus)
•    Networks & Application security assessment experience
•    Systems Administration expertise in Windows and Unix/Linux 
•    Open Source security tools experience (nmap, tcpdump, sysinternals suite, backtrack, etc.) 
•    OS Hardening experience – Windows and Unix/Linux 
•    Experience in auditing Firewalls/Routers, DNS, FTP, WINS, etc. 
•    In depth knowledge of Shell Scripting: Perl, Bash, PowerShell
•    Malware analysis and remediation experience
•    Excellent Analytical Skills & Attention to detail
•    Strategic Thinking, Positive attitude and commitment to excellence
•    Self-Starter; independent and displays high level of initiative
•    Excellent verbal and written communication skills