Senior Information Security Analyst

Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Administers cybersecurity policies to control physical and virtual access to systems. Performs network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures. Conducts penetration testing and vulnerability assessments of applications, operating systems and/or networks. Responds to cybersecurity breaches, identifies intrusions and isolates, blocks and removes unauthorized access. Researches and evaluates cybersecurity threats and performs root cause analysis. Assists in the creation and implementation of security solutions. Provides information to management regarding impact on the business caused by theft, destruction, alteration or denial of access to information and systems.
 

Responsibilities:

• Solid understanding of several security disciplines. Has an in-depth understanding of security threats as they relate to the business.

• Creates and pioneers security management practices.  Ensures automation is repeatable and maintainable.

• Builds and maintains advanced security systems\processes like SIEM, endpoint protection, incident response and has a deep understanding of security principles and tooling.

• Helps to make critical security architecture and implementation decisions

• Helps to define and build out standards for how security features and services are implemented

• Participates in vendor and purchasing decisions

• Has successfully led at least 2 medium team projects (on time, goals achieved)

• Defines, documents, and evolves best practices for system\process installation, configuration, troubleshooting, and monitoring.

• Recognized by multiple teams as an expert mentor and teacher.

• Consistently in demand for security review and guidance.

• Regularly provides training and support for new methods, tools, and processes

• Builds tools, frameworks, and projects that improves security across Clearwater

• Sets a positive example throughout the company for quality and responsibility.

• Helps define hiring standards and practices

• Able to anticipate and quickly adapt systems and practices to changes in security landscape.

• Partners with other organizations to ensure the security of systems\processes

Requirements:   

• Experience in analyzing network logs

• Experience in at least one programming language

• Experience in Network Security or Application Security

• Understanding of common Information Security concepts, practices, and procedures

• Understanding of vulnerability analysis, penetration testing, encryption technologies, intrusion detection, incident response

• Strong written and oral communication skills and the ability to prioritize work

• Strong aptitude for problem solving, math, and communication

• Strong organizational and interpersonal skill

• Understands how security projects contribute to business goals

Desired Experience or Skills:

• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related area of study

• Five years of information systems security or computer network defense experience

• Experience with SQL, Python, and/or JAVA

• Experience with a SIEM

• Security Operations Center (SOC) or Network Operations Center (NOC) experience

• Industry certifications in cyber security incident management

• SANS GIAC, CEH, CompTIA Security+