Job Description :
Interview Mode – Direct IN-Person
100% Onsite work only – Monday to Friday (No Tele-commute / Remote option
In-Person Interview is Required.
35 hours work week – 8am to 4pm with unpaid lunch.
POSITION OBJECTIVE:
Works under the general direction of the Chief Information Officer, or designee, to perform Information Security related duties in the areas of cyber security, information security policy, monitoring and compliance/audit, penetration testing, application vulnerability assessments and risk assessments, security education, and training. The Information Security Analyst is responsible for managing access and authorization to the client’s information resources, recording the details of reported IT service issues and service requests, working to either restore service as quickly as possible, or alerting and/or escalating them to the appropriate specialist support groups.
RESPONSIBILITIES:
1. Performs and manages the implementation of countermeasures or mitigating controls. Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices, research, malicious code reverse engineering, penetration testing, and threat intelligence.
2. Assists in performance and coordination of Security Incident Response activities.
3. Monitors and analyzes logs from various systems including, but not limited to Intrusion Detection Systems, Intrusion Prevention Systems, Firewalls, Routers, Switches, PCs, Servers, VPN, AIX, and LINUX log files.
4. Performs periodic and on demand system audits and vulnerability assessments, including user accounts, application access, file system, external Web integrity scans, and SSL Certificates scans to determine compliance.
5. Provide clear communications to management on various cyber activity.
6. Monitors and maintains systems and procedures to protect agency data from unauthorized users.
7. Coordinates with users to discuss issues such as computer data access needs, security violations, and programming changes.
8. Works closely with 3rd party security partner to secure Authority data and assets.
9. Provides organizational wide cyber security oversight through the establishment of a comprehensive and sustainable governance, risk management and compliance (GRC) framework and IT security policies, standards, guidelines and procedures.
RESPONSIBILITY FOR RELATIONSHIPS:
Has responsibility for maintaining harmonious working relationships with this and other departments and individuals in the Authority’s organization, as well as outside vendors, necessary for obtaining the objectives of the position. In addition, individual should have a high level of initiative and a proactive nature, good communication and presentation skills.
MINIMUM QUALIFICATIONS:
1. Bachelor's degree in Computer Science with major coursework in information technology security, computer information systems, management information systems, or a related field.
2. Any ONE of these is Mandatory for this position: Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), or Certified in Risk and Information Systems Control (CRISC
3. Extensive knowledge of IT security & privacy standards, technologies, practices, guidelines and theories; business continuity planning, auditing, and risk management.
4. Must have a minimum of 5 years of experience in an IT Security role.
5. Excellent oral and written skills.
6. Possess a valid driver's license.