Cybersecurity Analyst – Full-time
What are you looking for?
•Be part of a cohesive team that promotes collaboration and teamwork
•Work in a technologically advanced environment with exposure to many specialized computer applications
•Competitive compensation and benefits
•Professional development opportunities
•Strength of a big firm with the culture of a small firm
•Subsidized downtown parking
•Working within a state-of-the-art building
Who are we looking for?
Siskinds is growing and we are currently seeking a Cybersecurity Analyst. This position will require you to ensure the secure operation of the organization’s internal and external systems, servers, applications, networks and infrastructure. This role includes examining and reviewing security logs, reports, data, network traffic and analytics to identify suspicious activity and threats along with scanning, configuring, deploying, maintaining and troubleshooting security-related appliances and applications. The Cybersecurity Analyst will use the collected data to develop protections and provide advice to leadership on best practices to improve security and organize training programs for non-technical employees for better understanding and adherence to the organization’s policies. This role is responsible for keeping the company’s security systems up to date, creating documentation and planning for all security related information. Tasks may include involvement in the implementation of new security solutions, participation in the creation and/or maintenance of policies, standards, baselines, trainings, guidelines and procedures as well as conducting vulnerability and compliance audits and assessments. This role will assist in the identification, investigation and timely resolution of security-related incidents and alerts detected by IT systems. The Cybersecurity Analyst will research industry trends along with in-the-wild security threats and will work collaboratively to recommend, develop and implement mitigation techniques, processes and/or deploy hotfixes and patches to protect IT assets.
Qualifications:
•Bachelor’s degree in Computer Science, Computer Engineering, Information Technology or similar
•Preferred cybersecurity certification: CISSP Certification
•5 years' experience in cybersecurity in an enterprise environment including: security tool deployment and support, security risk, vulnerability analyses and remediation
•Advanced understanding of TCP/IP, common networking protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements such as NIST and other industry relevant cybersecurity frameworks
•Demonstrated experience with conducting security assessments, implementing information security recommendations, analyzing technical controls, and applying security control standards.
•Must have demonstrated experience with applicable Industry Standards and Frameworks; specifically, Information Technology Infrastructure Library (ITIL), Centre for Internet Security Critical Security Controls (CIS CSC), NIST Cybersecurity Framework (CSF) and Payment Card Industry Data Security Standard (PCI DSS)
•One or more of the following certifications: CompTIA Security+, Microsoft Certified Systems Administrator: Security. Certifications in one or more of the following areas are preferred: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and/or SANS GIAC Security Essentials (GSEC). Additional certifications from Palo Alto, VMware, or Citrix will be seen as an asset.
•Hands-on experience analyzing high volumes of logs, network data and other attack artifacts
•Experience with vulnerability scanning solutions
•Proficiency with antivirus and security software including Carbon Black Cloud Sensor and Windows Defender
•Experience with SIEM solutions such as AlienVault considered an asset
•Experience working with 3rd parties to engage, conduct, deliver assessments and recommended remediations
Responsibilities:
Strategy & Planning
•Assist with the design and implementation of business continuity, incident response and disaster recovery plans for operating systems, databases, networks, servers, and software applications in collaboration with internal systems stakeholders.
•Assess need for ongoing proactive security reconfigurations (minor or significant) and execute them as required.
•Conduct research on emerging threats, products, services, protocols, and standards in support of security enhancement and ongoing development efforts.
Acquisition & Deployment
•Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, best practices, improved processes, and the development of new attacks and threat vectors.
•Lead and organize proof of concept toolsets to improve cybersecurity posture of the organization.
•Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures.
Operational Management
•Develop, implement, maintain, and oversee enforcement of policies, procedures, standards, guidelines and trainings for ongoing system security administration, user awareness and system access based on industry-standard best practices.
•Perform ad-hoc and scheduled internal compliance checks, reviews and audits of IT systems to ensure alignment to established operating procedures, standards and guidelines.
•Maintain up-to-date baselines for the secure configuration and operations of all organizational-owned hardware and software assets.
•Maintain operational configurations of all in-place security solutions as per the established baselines.
•Monitor all in-place security solutions for efficient and appropriate operations, apply configurations, hotfixes and updates as required.
•Oversee regular internal and external security/compliance audits and penetration testing of IT systems to identify system vulnerabilities; develop appropriate remediation procedures and work with internal/external resources to resolve documented issues and vulnerabilities.
•Design, implement, and report on overall organizational security stance, including vulnerability status, compliance and active threat reports for systems, devices and end users.
•Assist with the day-to-day scanning, deployment and remediation of security-related patches, hotfixes and/or firmware for operating systems, applications, appliances and devices.
•Monitor server logs, firewall logs, intrusion detection logs, alerts and network traffic for unusual or suspicious activity. Follow up on triggered alerts to interpret activity and implement measures or make recommendations for resolution or improving overall security posture.
•Design and deliver cybersecurity training such as email phishing campaigns
•Oversee the dissemination of end-user information and training including developing and executing ad-hoc awareness campaigns to measure and improve the organization’s security posture.
•Coordinate the investigation, remediation and follow-up actions associated with any assumed or confirmed security event.
•Position involves some evening and weekend work (including on-call assistance).
•Discover security violations and inefficiencies by conducting periodic and random audits.
•Detect insecure features and malicious activities within our networks and infrastructure.
•Implement, own and maintain security controls and processes including SSL certificate management, email filtering, vulnerability management.
•Develop and maintain solution for tracking of security events across all platforms (SIEM).
•Identify and prevent/solve potential and real cybersecurity incidents.
•Develop and maintain cybersecurity incident response plan.
•Work with third parties to arrange and perform periodic penetration testing and conduct security assessments, as required.
•Assess current situation, evaluating trends and anticipating security requirements to assess and remediate risk to the corporation, its systems and data
•Inform of and assist the corporation in adhering to strict industry standard compliance
•Keep leadership informed by preparing performance reports; communicating system status
•Review and remediate user and system discovered potential breaches and work directly with users to analyze, remediate or resolve each
•Other duties as assigned
You will work well both independently and within the team setting. You will have a sincere passion for new technology learning and application. You enjoy a fast-paced, multi-tasked and deadline driven environment. We are a truly cohesive team, and as such, being a team player as well as having a strong technical ability and positive attitude will make you a top runner, and ideally our chosen candidate. Our comprehensive in-house training and ongoing support is of the highest level. We offer competitive compensation and benefits.
Siskinds is an equal opportunity employer and will work with and accommodate persons with disabilities throughout the entire recruitment, selection, and on-boarding process. To learn more about us, please visit our website at www.siskinds.com. Please email your resume quoting “Cybersecurity Analyst” and “Your Name” in the subject line, to humanresources@siskinds.com. Deadline for submissions is Friday, February 3, 2023.