The Security Analyst will work closely with the Director IT/Manager Infrastructure to ensure the security of the Firm. The candidate must have excellent communication, problem-solving, organization and follow-up skills, with the ability to handle multiple assignments simultaneously. The candidate should demonstrate good judgement as well as attention to detail while working with a team.
ESSENTIAL FUNCTIONS:
• Working knowledge of CompTIA Security+.
• Demonstrated knowledge of security concepts, including man-in-the-middle attacks, phishing, bug bounties, and identity management.
• Create and analyze security policies and procedures to determine weaknesses in infrastructure security and complete a thorough audit of existing measures.
• Work with the Director of IT and the Infrastructure Manager to evolve the on-premises and cloud security strategy.
• Minimize the negative impact of a security breach by shifting security measures for future prevention and creating information assurance.
• Work with other IT groups to make sure all systems and software are upgraded.
• Manage antivirus software. Microsoft Defender preferred.
• Test and evaluate new security technologies.
• Analyze IT requirements and provide objective advice on the use of IT security policies and procedures.
• Identify potential areas of security risk, develop and implement corrective action plans for resolution of problematic issues, and provide general guidance on how to avoid or deal with similar situations in the future.
• Provide reports on a regular basis to the IT Director and the Infrastructure Manager to keep current with all security efforts.
PREFERRED SKILLS:
• Knowledge of Zero Trust, SASE, and VPN.
• Knowledge of PAM (Privileged Access Management) technology.
• Understanding of HTTP, HTTPS API, and application security.
• Perform phishing campaigns and end user security training.
• Knowledge of Azure networking, M365 security, and Azure conditional access policies.
• Knowledge of DMARC, DKIM, and SPF.
REQUIRED SKILLS AND EXPERIENCE:
• Bachelor's degree in information systems, or Cyber Security preferred.
• 3+ years of experience in information technology.
• Experience in Enterprise LAN, WAN Technologies.
• Knowledge of Microsoft Azure cloud security technologies, Defender Cloud.
• Knowledge of email security. Mimecast and M365 preferable.
• Ability to identify and mitigate network vulnerabilities.
• Understand patch management.
• Knowledge of firewall concepts.
• Experienced in installing security software and documenting security issues.
• Excellent written and oral communication skills.
ADDITIONAL QUALIFICATIONS:
• Problem solving and analytical skills.
• Project management skills.
• Demonstrated ability to work solo.
WORKING HOURS:
• Work may require more than 40 hours per week to perform the duties of the position, which may include nights and/or weekends.
• Be available to resolve critical security-related issues 24/7 when needed.
• Included in the on-call rotation.
• Work may require travel.
WORKING CONDITIONS: Work is performed in a normal heated or air-conditioned office environment.
The above is intended to describe the general content of and requirements for the performance of this job. It is not to be construed as an exhaustive statement of essential functions, responsibilities or requirements. This job description must not be misconstrued as a promise of employment, nor deemed an employment contract. EOE. We participate in E-Verify.