Ref: cyber

Cyber Security Analyst

USA, Massachusetts

Job description


Position Summary:

The Cyber Security Analyst / Information Security Analyst is responsible for assisting with the day-to-day operations of securing the firm's various information systems. The Cyber Security Analyst / Information Security Analyst is tasked with providing technical expertise in all areas of network, system, and application security. The Cyber Security Analyst / Information Security Analyst works closely with the various team members in the Information Technology department to ensure that systems and networks are always designed, developed, deployed, and managed with an emphasis on strong, effective security and risk management controls. The Cyber Security Analyst / Information Security Analyst leads the firm's vulnerability management program, manages the annual cybersecurity assessments and penetration tests, and researches and reports on emerging threats to help the firm take pre-emptive risk mitigation steps. The Cyber Security Analyst / Information Security Analyst effectively correlates and analyzes security events within our systems environment to proactively detect threats and mitigate attacks before they occur.

Essential Duties and Responsibilities:
  • Studies evolving threats and other industry developments related to cyber security.
  • Researches / evaluates emerging cyber security threats and ways to manage them.
  • Plans for disaster recovery and creates contingency plans in the event of any security breaches.
  • Monitors for attacks, intrusions and unusual, unauthorized or illegal activity.
  • Tests and evaluates security products.
  • Designs new security systems or upgrades existing ones.
  • Uses advanced analytic tools to determine emerging threat patterns and vulnerabilities.
  • Runs internal security scans, coordinates mitigation and tracks results.
  • Investigates security alerts and is a part of the incident response team.
  • Monitors identity and access management, including monitoring for abuse of permissions by authorized system users.
  • Liaises with stakeholders in relation to cyber security issues and provides future recommendations.
  • Generates reports for both technical and non-technical staff and stakeholders.
  • Maintains an information security risk register and assists with internal and external audits relating to information security.
  • Creates and conducts employee training programs related to cyber security.
  • Monitors and mitigates 'phishing' emails and 'pharming' activity including conducting employee training and re-training.
  • Assists with the creation, maintenance and delivery of cyber security awareness training for colleagues.
  • Coordinates the creation and maintenance of cyber security policies and standards.
  • Responds to and manages helpdesk tickets related to cyber security.
  • Coordinates projects related to cyber security such as CMMC certification.

Position Requirements:
  • Bachelor's in Cyber Security or related discipline.
  • Hands-on experience.
  • 2+ years of systems administration in an Active Directory environment.
  • 2+ years of cyber security experience.
  • Security+ certification.
  • Experience / familiarity with the following:
      • IT Security Frameworks (NIST, GDPR, PCI, ISO 27001, CMMC, etc.)
      • IT Security Tools (Nessus, Kali Linux, Metasploit, Wireshark, etc.)
      • Azure / Office 365
      • Endpoint, server and network malware detection
      • SQL Server
      • SharePoint
      • ERP systems
      • Security+
      • Scripting language (PowerShell, Python, etc.)
      • Linux