The Security Analyst will be responsible for translating security requirements into system tenets and validate implementation strategies meet cybersecurity standards and guidelines. This position will be responsible for cybersecurity architecture standards enforcement and may consult with internal customers (e.g., system engineers), leadership, security analysts, and IT architects in other lines of business on architectural directions related to information security. This position will be responsible for understanding cross-company business needs and designing solutions that meet business requirements while maintaining confidentiality, integrity and availability of information and systems. This person is expected to lead through influence, communicate effectively through clarity of thought and demonstrated understanding of business, security, and technical requirements.
This position will be engaged in problem solving on complex systems and project issues. This position will also be a champion for cybersecurity standards validation and enforcement within the organization.
Responsibilities:
• Reviews existing security architecture for new device types.
• Ensures devices meet security requirements.
• Documents security exceptions related to new device types.
• Identify compliance gaps and recommend appropriate security measures.
• Serves as a liaison between cybersecurity and NAC/ISE operational teams.
• Interfaces with various security teams as needed to support NAC and ISE security and capabilities.
• Provides input on current and emerging network security threats and recommends security architecture to mitigate them
• Study, define, and provide input on network architectural standards, guidelines and design patterns that increase agility, flexibility, security, and reuse of solutions and assets.
• Ensure NAC deployments maintain confidentiality, integrity and availability of company information and assets without business impact.
• Document NAC security processes and procedures used in reviewing and approving security architecture for new device types.
• Maintain documented NAC process and procedures, ensuring documentation is repeatable and error free.
Basic Qualifications:
• Bachelor’s Degree in Cybersecurity, Computer Science, MIS or other degrees with high level understanding of network and application security and information systems
• A current CompTIA CASP+ or equivalent cybersecurity related certification.
• 3+ years in Cybersecurity with significant experience in designing and implementing security solutions, military information security and/or system administration role
• Or in lieu of degree, 5+ years in Cybersecurity with significant experience in designing and implementing security solutions, military information security and/or system administration role
Desired Qualifications:
• Experience with developing designs and architecture for emerging technology leveraging industry standards
• Experience converting documented business requirements into conceptual, logical, and physical design document
• Experience with Archer GRC tools.
• Advanced understanding of security solutions that support confidentiality, integrity, and availability such as, Network Access Control, Active Directory, Cisco ISE, firewalls, IDS/IPS, PKI, SIEM, and VLANs
• Practical experience implementing NIST or other industry standard framework
• Understands Static Code Analysis, Dynamic Code Analysis, Penetration testing and has helped companies remediate vulnerabilities and issues
• Perform security related services and process assessments and evaluations based on NIST, OWASP, NIST, PCI-DSS, CWE/SANS, CSA guidelines
• Authentication and Password Management, Session Management, Access Control, Input Validation, Output Encoding, Cryptographic Practices, Error Handling and Logging, Data Protection, Communication Security, System Configuration, Database Security, File Management, Memory Management, General Secure Coding Practices
• Web Application security, Vulnerability management: Application Firewalls, SEIM, Anti-Virus
• Data Loss Prevention (DLP), FIM, Secure coding and configuration standards
• VPN technologies such as PKI, IKE, IPSEC, SSL/HTTPS and digital certificate
• Advanced understanding of OSI model layers and the TCP/IP protocol suite.
Travel Requirements:
0-5% travel
Location:
Charlotte, NC
Eight Eleven Group provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, national origin, age, sex, citizenship, disability, genetic information, gender, sexual orientation, gender identity, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state, and local laws