Under the general direction of the Director of Infrastructure and Cybersecurity, the IT Security Analyst will be responsible for the security of the company's information systems and networks. This includes monitoring and analyzing network traffic, identifying, and mitigating security threats, and developing, implementing and upgrading security policies and procedures for IT Security and cybersecurity. This person will be looked upon to assist with/lead with taking our current cybersecurity program to the next iteration on a technical level. Collaborating with others within Tire Discounters IT Team in identifying and implementing appropriate security safeguards, this position will be responsible for the confidentiality, integrity, availability, authenticity, and non-repudiation of Tire Discounters data.
- Regularly monitor network, cloud services, activity logs and system alerts for any potential cybersecurity incidents, detect and proactively address vulnerabilities.
- Regularly monitor and maintain Tire Discounters’ cybersecurity education programs, reviews violations of security procedures; provide training to ensure violations do not recur.
- Identify, investigate and provide resolution to any reported information security incidents on any platforms used by Tire Discounters, either on premises, on our private cloud, or on public cloud platforms, facilitate or perform needed updates.
- Examine reports, data, and analytics to identify suspicious activity and threats.
- Review violations of security procedures; provides training to ensure violations do not recur.
- Modifies security files and applications as able and necessary to provide specialized access, allow new software to be installed or integrated, or correct errors.
- Perform risk assessments, audits, and tests to ensure proper functioning of data processing activities and security measures.
- Safeguard system security and improve overall server and network efficiency by training users and promoting security awareness.
- Regularly maintain the TD incident response plan and create new or update current incident response plan run books.
- Maintain/Modify the current Tire Discounters Disaster Recovery plan, including related run books.
- Regularly report to Director of Infrastructure and to VP of IT on the status of the Cybersecurity posture, post-event analysis of unusual events, identify and recommend the needed changes to procedures or processes to improve the overall cybersecurity maturity.
- Assist users with questions related to cybersecurity, identifying security threats and violations, discuss computer data access needs, and recommend needed process changes.
- Create and maintain technical documentation.
- Maintain knowledge of the cybersecurity capabilities of operating systems, networking devices, control systems and identify opportunities to use emerging technology to increase network and infrastructure security.
- Evaluate and recommend new vendors/tools.
- Attend webinars, training classes, industry conferences, etc. to continuously expand knowledge and understanding of advancements in information security policies, practices, and technologies.
- Work with Director of Infrastructure on setting/maintaining cybersecurity performance standards, and collaborate with the IT team to evaluate and improve the effectiveness of existing security controls and recommend new controls as needed.
Knowledge, Skills, And Abilities
- Proficient, or able to gain proficiency with, a broad array of security software applications and tools.
- Thorough understanding of computer-related security systems including firewalls, encryption, and password protection and authentication.
- Strong knowledge of cybersecurity concepts, frameworks, and best practices
- Demonstrated capability to make sound decisions based on good security practices and principles.
- Proven problem-solving and analytical skills.
- Proficient in Microsoft Office Suite or related software.
- Excellent verbal and written communication skills.
- Excellent time management, organization, attention to detail, reliability and ability to work under pressure.
- Must be able to work independently or as part of a team.
- Ability and willingness to train/mentor others in Cybersecurity topics.
- Must be available and willing to be part of an on-call rotation on the infrastructure team for store support.
Education And Work Experience
- Bachelor’s degree, preferably in technology related major, or equivalent experience.
- 1-3 years of general infrastructure experience
- 1-3 years of cybersecurity related experience.
- certifications related to cybersecurity is a plus.
- Experience with Cybersecurity concepts and frameworks, such as NIST.
- Experience with network security monitoring tools and services
- Experience with incident response plans and run books.
- Experience with infrastructures, including networking, Microsoft based operating systema and cloud services.
- Experience with endpoint security, threat intelligence
- While performing the duties of this job, the employee will frequently be required to stoop, reach, stand, walk, lift, pull, push, grasp, talk, hear, see and use repetitive motions.
- While performing the duties of this job, the employee may infrequently lift and or move up to 25 pounds of material, boxes, etc.
- Specific vision abilities required by this job include close vision such as reading handwritten and or typed material and must have the ability to focus.