Cybersecurity Analyst

Job Title: Cybersecurity Analyst                                                  

Department:  Information Technology  

Classification: Exempt/Salary                                                    

Reports to:  Director of IT Infrastructure and Information Security

Job Qualifications:

1. Demonstrate a powerful sense of internal customer service and a strong work ethic to positively contribute to the company's mission and vision.
2. Sound written and verbal communication skills; must be able to communicate proficiently to a non-technical audience.
3. Proven experience working in an enterprise IT organization, concentrating in the following areas: Information security, SOC, Policy creation, and review.
4. Knowledge of cyber-attack stages (reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)
5. Exceptional knowledge of penetration testing principles, tools, and techniques
6. Strong Knowledge of network topology, WIFI, VLAN, routing, firewalls, servers, and cloud technologies.
7. Strong knowledge in performing packet-level analysis to characterize and classify network traffic and trace vulnerability and potential compromise.
8. Working experience in compliance with OSHA, SOC, HIPPA, and PCI.
9. Requires knowledge of security issues, techniques, and implications across all existing computer platforms.
10. Must have extensive knowledge in networking and server infrastructure, Azure cloud, and web applications.
11. Experienced in security administration, management of security projects, and complicated security issues
12. Strong experience working with EMDR, EDR, Antivirus, SIEM, log management, and vulnerability scanning tools (Nessus).
13. Strong skills in creating and updating cybersecurity policy, employee security assessment training, and quarterly updates.

Educational Requirements:

Bachelor's degree from a four-year college or university and 2 to 4 years of varying environmental experiences centered around Information Security.

Job Summary:
Responsible for the operation of network security tools and devices under minimal guidance. Provides security monitoring operational service management and participates in ticket escalation. Troubleshoots and resolves complex security issues. Gives subject expertise to all security-related projects, changes, and enhancements.

Job Duties:

1. Perform quarterly vulnerability scans internally and externally. Provide reports and findings to the Director of infrastructure and information security.
2. Provide operational support and triage for issues related to security-related issues or concerns.
3. Work with IT applications, operations teams, and lines of business to ensure processes, procedures, and applications meet the requirements for security and compliance.
4. Develops and maintains skills in responding to system and data breaches by internal and external threat actors. Performs forensic duties in support of YCH as necessary.
5. Assists with the testing of forensic capabilities and processes for proper functionality.
6. Assists other staff members in performing forensic collections and investigations and delivering comprehensive reports of findings as requested.
7. Demonstrates knowledge of the forensic requirements for collecting, preserving, and presenting evidence.
8. Assists with the compilation of investigation reports, supporting evidence and data, and other incident or investigative-related documentation as requested.
9. Develops and maintains effective security event monitoring, controls, processes, and technologies that identify threats to the infrastructure and systems so that production is not disrupted.
10. Proactively monitors established controls for known threats and anomalous activity, indicating a potential risk to provide IT technical infrastructure support, including out-of-hours support when required.
11. Identify opportunities and recommend improving the security posture with process, training, and tools.
12. Analyze and report on threats that could impact the integrity of our systems, networks, and applications.
13. All other duties as assigned or required
14. Preferred experience in multiple technologies related to security and monitoring technologies and processes.
15. Must have excellent business analysis, documentation, and communication skills
16. familiar with standard concepts, practices, and procedures supporting multiple office locations, including globally (EU).
17. Minimum 2+ years of experience in project managing, integrating, and implementing infrastructure technologies & services and related technologies.
18. Minimum 2+ years of security administration experience strongly desired.
19. Minimum 2+ years of experience with Microsoft technologies, including Windows OS and Cisco networking.
20. Other duties may include special projects as assigned, providing support in all project phases from planning and analysis to implementation and ongoing maintenance.
21. Adhere to all company policies.
22. Able to work nights and weekends as required or requested.
23. Able to manage multiple projects at once.
24. Maintain sanitary and safe work environment and follow safety requirements.
25. May actively participate on company’s Safety Committee.
26. Ensure that company safety policies as well as federal, state and local safety and environmental regulations are observed.
27. Must have a complete understanding of company’s policies, SOPs, QPs, EPs, HACCP and cGMP that pertain to their department to ensure quality, safety, efficiency and sustainability.
28. Must adhere to all company policies.
29. Examine documents, materials, and products and monitor work processes to assess completeness, accuracy and conformance to standards and specifications.
30. Follow all SOPs in a given area.
31. Perform all other duties as assigned by Manager and/or designee.

Benefits:

1. Medical, Dental, & Vision insurance
2. Health Savings Account (HSA)
3. Flexible Savings Account (FSA)
4. Company Paid Life & AD&D, Voluntary Life And AD&D Insurance
5. Employee Assistance Program (EAP) - Lifeworks
6. Calm for Work
7. 401(k) retirement plan with 6% & Roth option
8. Education Tuition Assistance Program
9. 10 Recognized Holidays
10. 50 hours of personal/sick time pro-rated based upon hire date
11. 110 hours accrued Vacation
12. Competitive Wages
13. Performance Incentive Bonus opportunities
14. Wellness Benefit
15. Employee Giveback Program
16. Individual Development Programs
17. Youth Donation Program
18. Continuing Education Programs
19. Bring your Pet to Work Program (applies to admin positions only)
20. Pet Insurance
21. And much more…