The IT Security Analyst will be responsible for cybersecurity at ASEBP and will focus on ensuring security best practices are implemented and monitored throughout infrastructure and systems using the controls developed by the Center for Internet Security as a baseline. The IT Security Analyst will also engage in the implementation and maintenance of security-related IT systems and the creation of policies that will be used to ensure adherence to security best practices.
Your Key Responsibilities
- Research best practice security controls, comparing them to ASEBP's implementation to build a risk-based roadmap to implementing CIS controls
- Creation and enforcement of security policies
- Implement security controls into ASEBP systems, infrastructure and processes
- Assesses security health of internal systems on a schedule
- Perform audits on ASEBP systems to ensure that that cybersecurity protections are properly in place
- Facilitate third-party cybersecurity audits
- Conduct in-house cybersecurity penetration & vulnerability testing
- Designs reporting and monitoring processes to ensure evolving security goals can be met
- Reviews logs and reports related to ASEBP's network, file, application and server systems
- Utilizes reporting output and facilitates delivery of information to key decision makers
Your Education and Experience
- Completion of a two to three year technical or community college certificate or diploma.
- Security Certification such as CISSP, CISM, CISA or other is an asset
A combination of education and experience may be considered.
- Strong technical knowledge and background, with the ability to adapt to new technologies and related cybersecurity changes
- Takes initiative and can work independently
- Excellent written, verbal and presentation skills to allow the production of documentation and policies supporting cybersecurity initiatives and control implementation
- Knowledge and understanding of standard cybersecurity controls, such as those from the CIS
- Understanding of firewalls, networks
- Excellent analytical skills
- Experience with security incident handling
- Understands that information security must enable business functions, rather than inhibit
- Knowledge in the following technologies would be considered an asset:
- Palo Alto firewalls
- F5 appliances
- Cisco networks
- Web and Endpoint Protection
- Microsoft Enterprise Stack
- Storage Area Networks
- Microsoft Azure Cloud
- Remote Access and Two-Factor Authentication
- Kali Linux and related ethical hacking tools (MetaSploit, John the Ripper, NMAP, etc.)
How To Apply
If you have the required qualifications and would like to become a member of our team, please submit your resume by Wednesday, October 28, 2020.
No phone calls please. We thank all interested individuals, but only those candidates being considered for an interview will be contacted. ASEBP is an equal opportunity employer.