Security Analyst (CEH Certification)
5 - 7 years experience • Energy / Oil & Gas
The Security Analyst is responsible for supporting corporate information security strategies, with a focus on analyzing exploitable vulnerabilities in the enterprise and threat hunting. This position requires a diverse set of technical and security skills. The analyst will provide technical documentation of findings with effective remediation strategies, and must be able to adapt to and learn unfamiliar technologies with the discipline to follow processes in a regulated environment. The candidate will also safeguard the integrity of information assets and network connections while providing production support for security infrastructure. The candidate must have a well-rounded understanding of, and experience with, a wide range of security products, operating systems, and all aspects of networking in order to maintain the security posture of the information systems throughout the system's life cycle. Reports to the Supervisor of Information Security.
ESSENTIAL JOB FUNCTIONS
- Provide security services to the business, review new technologies, perform penetration and vulnerability testing, incident response, troubleshooting, and issue resolution, and assess and communicate infrastructure security risk.
- Perform risk analysis on vulnerability findings and communicate risk assessment results (including remediation recommendations) to management for making risk management decisions.
- Create and maintain active threat hunting strategies to maintain a continuous security monitoring posture. Monitor security logs and alerts to identify threats, keep abreast of new threats and hacking techniques and ensure ability to detect them.
- Evaluate advanced security technologies and provide recommendations regarding standardization and policies.
- Coordinate with manager and supervise activities of employees engaged in supporting the organization’s applications and data as it relates to security.
- Act as liaison between Information Technology and both internal/external auditing to track controls and coordinate audit requests and responses.
- Review and update Information Security policies, procedures, standards, and guidelines based on best practices, industry standards, and guidelines.
- Review and update security training material, Web content, alert and awareness notification, and conduct training sessions for the organization.
- Work with the business and management to analyze current and emerging security risks and recommend security solutions and changes.
- Routinely check various log sources and network monitoring tools for indicators of a security incident, events, and alerts.
- Develop automated scripts and tools to handle and track vulnerability remediation efforts.
- Perform network and system security testing (threat hunting) to proactively identify security vulnerabilities and recommend / implement mitigation and remediation plans.
- Conduct routine assessments for rogue or unauthorized wireless access points / devices.
- Monitor industry sources for emerging security risks, defenses, and best practices.
- Understand and interpret internal and external system security requirements (e.g., network segmentation) and plan the implementation and support.
- Provide after hours and/or on-call support for network, security, and associated platforms.
- Assist other Systems Administrators and Service Desk staff as required.
KNOWLEDGE & SKILLS:
- Knowledge of SOX controls preferred.
- Knowledge of penetration attack strategies for web services, databases, networks, basic forensic tools, and cryptography principles.
- Knowledge of the Linux operating systems, TCP/IP protocol stack, and networking tools.
- Intrusion Detection and Threat Vulnerability management
- Problem resolution, including ownership through resolution
- Knowledge of Information Security principles, terminologies, and technologies.
- Excellent written and oral communication skills
- Active/Prior security clearance (Secret or higher) or ability to obtain security clearance
EDUCATION / EXPERIENCE:
- Bachelor's degree in Computer Science, Information Technology, or related field is required.
- ***CEH certification REQUIRED (additional GCIH or GPEN certification is a plus)
- Minimum of five years of security-related experience
- 2+ years of penetration and vulnerability testing experience preferred
- Experience with vulnerability analysis or reverse engineering preferred
- Experience with developing and executing security vulnerability test plans and procedures.
- ***Experience with programming in C, C++, C#, Java, PHP, Perl, .Net, Python, Ruby, PowerShell, and Linux Shell Scripting. The candidate does not need to be a developer, but must have a good understanding of the languages.
- Experience with problem solving through using out-of-the-box approaches.
- Minimum five (5) years technical experience with exposure to the following:
- Windows 2008/2012 Server / Active Directory
- Windows 7/10 Workstation
- MS Office
- Microsoft SQL and Oracle application/database
- Knowledge of virtualization techniques and risks
- HP Unix and Red Hat Linux
- Tenable Nessus / Nmap / Metasploit / Core Impact
- Ability to parse and decode various application protocols – XML, HTTP, etc.
- Firewall technology with IPS/IDS
- Hosted/SaaS/Cloud Computing
- Server administration tools
- Security administration tools