Senior Information Technology Security Analyst

Job Purpose

Monitor and respond to security events from managed security systems. Champion processes and technology as a subject matter expert in various areas of information security and to demonstrate this ability at a senior level. The position works closely with teams in other information technology and operational disciplines to provide superior protection to Red Roof assets.

Duties and Responsibilities

The IT Security Analyst is responsible for the day-to-day information security operations for Red Roof. Information Security Analyst will respond to network security events. The role is expected to perform event correlation, attack lifecycle analysis, develop remediation plans, implement proactive and reactive countermeasures, and create innovative solutions to security issues that face the organization. The position will complete technical security documentation/client questionnaires and IT audit, as well as supporting the vendor IT risk assessment program, designing flexible and realistic solutions to security exposures while balancing the Red Roof organizational needs.

• Leverage security data from internal sources (IDS, routers, SIMS, Firewalls, hosts) and external sources (Industry portals, threat intel feeds, etc..) to identify high priority alerts and develop/implement proactive mitigations.

• Review security incidents; determine their severity and impact.

• Forensic analysis; analysis of compromised machines and analysis of network traffic and log data.

• Implement and maintain information resources security; recommend enhancements to security process, procedures, and policies.

• Participate in security incident management and vulnerability management processes.

• Participate in evaluating, recommending, implementing, and troubleshooting security solutions and evaluating IT security of infrastructure systems.

• Participate and facilitate audits of processes related to Information Security.

• Works as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats.

• Communicate effectively with customers, teammates, and management.

• Provide input on tuning and optimization of security systems.

• Document and maintain build documents, security procedures and processes.

• Staying up to date with emerging security threats including applicable regulatory security requirements.

• Other responsibilities and additional duties as assigned by the management team.

Qualifications

• 1-3 year of information security services or security analysis, deployment, and support.

• Associate degree in Computer Sciences, Information Security, Information Systems, Engineering, Sciences, or related field.

• Good knowledge of IT including multiple operating systems and system administration skills (Windows, Linux)

• Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus products.

• Understanding of security incident management, malware management and vulnerability management processes.

• Basic knowledge of PCI requirements and other security standards.

• Basic knowledge using Microsoft 365 and Azure security tools, including Microsoft Defender suite desired but not required.

• Security monitoring experience.

• Excellent analytical abilities, including process analysis and development, problem solving and root cause analysis.

• Ability to interpret log data and draw analytical conclusions.

• Entry level experience with computer programming and scripting languages.

• Experience with open-source security analysis tools, Wireshark, SNORT, Sift, etc.

• Experience with web content filtering technology – Policy engineering and troubleshooting.

• Understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTPS, SFTP, LDAP, etc.

• Strong organization, attention to detail, proven track record in managing multiple initiatives.

• Strong confidentiality assessment and ethic.

• Strong team and communication skills; collaboration, negotiation, written and in-person interaction, presentation to small or large group, people management and conflict resolution ability.

• On call/after-hours availability to respond to security situations as required by management.

• Technology certifications (or working toward) desired but not required (CISSP or CISA)

• Other responsibilities and additional duties as assigned by the management team.

Working Conditions

This Job is a home-based position that may include some onsite duties and/or travel.

We encourage you to apply even if you do not meet 100% of requirements