Cyber Security Analyst

new york, New York

Cyber Security Senior Analyst to provide high-quality security solutions and services that are focused on improving the Firm's risk posture. The role is responsible for four core functions for the company. The first will prominently include incident response, risk reviews and vulnerability assessments, and identifying threats. The second is executing incident prevention maintenance, detection, containment, eradication and recovery across IT systems, including developing processes, monitoring events, summarizing and reporting findings. The third is overseeing the day-to-day operations of the in-place security solutions. The fourth includes support to any customer and vulnerability audits, request for proposals, and assessments.

 

The Cyber Security Senior Analyst is expected to interface with peers across all IT departments and IT management in enforcing security policies, providing guidance and best practice advice while triaging and escalating security related events to IT management.

Job Description:

  • Provides information security and cyber security analysis and best practice recommendations for hardware, operating systems, networks, software, databases, staffing, data center, and physical office space security
  • Conducts incident prevention, detection, containment, eradication and recovery across IT systems, including developing processes, monitoring events, responding to incidents, summarizing and reporting risk findings
  • Supports the development of responses to Client Proposals, Requests for Information and periodic Client IT Audits
  • Participates in the management and enforcement of Firm-wide documented policies and procedures as assigned (e.g., Information Security, Incident Response, Computer Usage, Security Awareness, Personally identifiable Information, etc.)
  • Reviews current Identity and Access Management policies, procedures, and processes to identify potential gaps and provide recommendations to strengthen current controls
  • Provides  support for external 3rd party information security vendors
  • Analyzes and resolves findings from vulnerability scans and penetration tests
  • Conducts user activity audits and performs internal forensic eDiscovery when required
  • Reviews server and firewall logs, scrutinizing network traffic, establishing and updating virus scans, and troubleshooting
  • Perform Information Security access and provisioning requests within established Service Level Agreements
  • Administer user systems and data entitlements, across multiple platforms and applications
  • Ensure system access requests are processed with high quality and accuracy
  • Stay abreast of current technologies, threat developments, security compliance requirements, standards and industry trends
  • Lead and/or participate in special projects as required

 

Qualifications:

  • Qualified applicants should have hand-on experience across a broad spectrum of data security disciplines.  Including Microsoft networking solutions and infrastructure and intrusion detection and prevention
  • Strong background with firewall products, intrusion detection systems, DMZ, IPSec, DNS, SMTP, HTTP proxies, etc.
  • Knowledge of security best practices across multiple platforms, such as Microsoft Windows, VMWare, and Cisco IOS
  • Knowledge of public-key cryptography, understanding of encoding, encryption, and hashing techniques
  • Min. of four (4) years' experience as an information security professional with advanced experience developing, documenting, and driving adoption of information security standards and procedures
  • Min. of two (2) years of advanced knowledge of security standards and frameworks
  • Min. of two (2) years of experience implementing and executing security incident response
  • Exceptional customer service, verbal and written communication skills are required
  • Candidate should be able to effectively interact with all levels of staff and C-level management
  • Bachelor’s degree from an accredited university in CS, IT, CIS, or a computer related field
  • Highly Desired: CISSP, GIAC, CEH, Security+ or related security certifications
  • Desired:  Experience with Financial Firms, Banks, and Insurance Companies a plus

 

Candidates must be internally motivated and self-driven for excellent results. Must have strong leadership skills, providing project leadership as needed, as well as excellent written and verbal communication skills. The ability to work on a team and work independently on complex tasks with minimal technical and management guidance is required.  Must be able to meet deadlines and deliver status updates to project team on a frequent basis.

Job keywords:

Address
Files must be less than 2 MB.
Allowed file types: doc docx pdf.

Vertical Tabs