Position: Security Analyst
Location: Hillsboro, OH
Nature & Scope: The Security Analyst performs two core functions for the enterprise. The first is the day to day operations of the in-place security solutions while the second is the identification, investigation and resolution of security breaches detected by those systems. Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as conduction vulnerability audits and assessments. The Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals.
- Participate in the planning and design of enterprise security architecture, under the direction of the IT Security Manager, where appropriate.
- Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the CSO, where appropriate.
- Participate in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan, under the direction of the CSO, where appropriate.
- Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
- Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
- Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).
- Maintain operational configurations of all in-place security solutions as per the established baselines.
- Monitor all in-place security solutions for efficient and appropriate operations. Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
- Participate in investigations into problematic activity.
- Participate in the delivery of information security training programs for all levels of organization, including but not limited to new hire process and ongoing awareness campaigns.
- Other responsibilities as assigned.
- Four to eight years related experience or equivalent combination of education and experience.
- Security +, GSEC or GISF certifications are strongly desired.
- Proficient with various software applications programs including Lotus Notes, Microsoft Word, and Excel.
If you would like to apply for this position, please submit your resume to firstname.lastname@example.org.