Job DescriptionCANDIDATES MUST BE ABLE TO WORK CST HOURS
The IT Security Analyst is responsible for ensuring that technical controls align with information security policies and regulatory requirements. This role supports security education, training, and awareness initiatives; monitors compliance with information security policies and applicable laws; and coordinates the investigation, response, and reporting of security incidents.
Working closely with Core IT Services (ITS), the IT Security Analyst monitors, assesses, and enhances security procedures and controls. The role includes conducting periodic vulnerability assessments of systems, networks, and applications, evaluating risks, and recommending corrective actions based on risk assessments, audit findings, and security reviews. The analyst also plays a key role in responding to cybersecurity incidents, working to contain, remediate, and mitigate threats while minimizing business impact.
Key Responsibilities- Monitor and respond to information security issues across systems and business workflows to ensure security controls are effective and operating as intended.
- Administer, manage, and maintain security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), content filtering solutions, endpoint protection platforms, and other security controls.
- Utilize and manage security tools such as SIEM platforms, vulnerability scanners, forensic tools, and threat monitoring solutions to identify, assess, and respond to security risks and incidents.
- Enforce security policies and procedures by administering security profiles, reviewing security violation reports, investigating exceptions, and maintaining documentation of security controls.
- Coordinate and support incident response activities, including investigation, containment, remediation, recovery, and reporting.
- Partner with IT, Legal, Compliance, and other stakeholders to identify and manage security vulnerabilities and risk exposures.
- Assist in the development, implementation, and maintenance of security policies, standards, and procedures, including authentication controls, security monitoring, incident escalation, auditing, encryption, and firewall management.
- Develop, deliver, and maintain security awareness and training programs to promote a strong security culture.
- Conduct ongoing security research to stay informed of emerging threats, vulnerabilities, technologies, and industry best practices.
- Participate in the evaluation and implementation of security products, technologies, and processes to improve organizational security, efficiency, and effectiveness.
- Support internal and external audits, risk assessments, and compliance initiatives as required.
Qualifications- 5 Years of experience in an IT role with 3 years of IT Security Experience
- Experience with Anti-malware, EDR/XDR, and similar platforms
- Experience with threat hunting and cyber investigations
- Experience with endpoint and network security monitoring
- Experience in containing and remediating cybersecurity incidents
- Solid skills with Windows and Linux
- Able to work both on a team and independently
- Knowledge of common adversary tactics and techniques, e.g., obfuscation, persistence, defense evasion, etc.
- Basic understanding of network traffic analysis including TCP/IP, routing, switching, protocols, etc
- Demonstrated ability to explain complex ideas and concepts both verbally and in writing to technical and nontechnical audiences.
Preferred:
- Preferable experience with Cloud Security
- Preferable experience with Microsoft 365 security
- Direct experience using scripting languages to automate tasks and manipulate data.
- Experience in Healthcare
Additional InformationDiscover some of the global benefits that empower our people to become the best version of themselves:
- Finance: Competitive salary package, share plan, company performance bonuses, value-based recognition awards, referral bonus;
- Career Development: Career coaching, global career opportunities, non-linear career paths, internal development programmes for management and technical leadership;
- Learning Opportunities: Complex projects, rotations, internal tech communities, training, certifications, coaching, online learning platforms subscriptions, pass-it-on sessions, workshops, conferences;
- Work-Life Balance: Hybrid work and flexible working hours, employee assistance programme;
- Health: Global internal wellbeing programme, access to wellbeing apps;
- Community: Global internal tech communities, hobby clubs and interest groups, inclusion and diversity programmes, events and celebrations.
Additional Employee Requirements
- Participation in both internal meetings and external meetings via video calls, as necessary.
- Ability to go into corporate or client offices to work onsite, as necessary.
- Prolonged periods of remaining stationary at a desk and working on a computer, as necessary.
- Ability to bend, kneel, crouch, and reach overhead, as necessary.
- Hand-eye coordination necessary to operate computers and various pieces of office equipment, as necessary.
- Vision abilities including close vision, toleration of fluorescent lighting, and adjusting focus, as necessary.
- For positions that require business travel and/or event attendance, ability to lift 25 lbs, as necessary.
- For positions that require business travel and/or event attendance, a valid driver's license and acceptable driving record are required, as driving is an essential job function.
USA Benefits (Full time roles only, does not apply to contractor positions)
- Robust healthcare and benefits including Medical, Dental, vision, Disability coverage, and various other benefit options
- Flexible Spending Accounts (Medical, Transit, and Dependent Care)
- Employer Paid Life Insurance and AD&D Coverages
- Health Savings account paired with our low-cost High Deductible Medical Plan
- 401(k) Safe Harbor Retirement plan with employer match with immediately vest
