A Senior IT Security Analyst develops and executes security controls, defenses and countermeasures to intercept and preventinternal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. This associate researches attempted or successful efforts to compromise systems security and designs countermeasures. In addition, a Senior IT Security Analyst maintains hardware and software utilized for data creation, collection and analysis.
What you will do:
· Regularly lead self and others and/or established as Product SME and/or established as specialist
· Understands how whole picture aligns to overall Acxiom strategy
· Oversee and review the following activities (concerning new security hardware and software infrastructure components or enhancements to existing solutions): research, analysis, selection, planning, and engineering.
· Influence and provide authoritative advice to IT Architects to ensure that the modified security hardware and software infrastructure interacts appropriately, data conversion impacts are considered, and other areas of impact are addressed and meet performance requirements.
· Develop methods to test, debug, analyze performance, and document security hardware and software infrastructure solutions.
· Develop methodologies to implement new and emerging security hardware and software infrastructure, perform highly complex product customization for multiple configurations, developed implementation and verification procedures to ensure successful new and emerging enterprise-wide security systems hardware/software.
· Manage highly complex hardware and software infrastructure analysis, and evaluation on resource requirements necessary to maintain and/or expand service levels or tune security hardware and software infrastructure solutions for optimum performance.
· Develop and recommend to management technical strategies and solutions to maintain and/or expand service levels or tune security hardware and software infrastructure solutions for optimum performance.
· Oversee and provide direct guidance to ensure that plans integrate effectively with other aspects of the technical hardware and software infrastructure.
· Resolve highly complex or critical incidents involving multiple enterprise services and components.
· Review, recommend, and approve major and significant changes for purposes of incident avoidance.
· Oversee and drive effort to analyze highly complex problems and solution alternatives. Recommend best alternatives and implement upon approval.
· Provide leadership and technical guidance in project management, planning, task definition, estimating, reporting, scheduling, documentation, and workflow.Review and validate accuracy of other's estimates.
What you will need:
· Requires a minimum of 8years of related securityexperience with a Bachelor’s degree, or 5years and a Master degree; or equivalent work experience
· Required at least one of the following:
o Certified Information Systems Security Professional (CISSP)
o Certified Ethical hacker (CEH)
o Certified Expert Penetration Tester (CEPT)
· Must be able to provide advanced event analysis, incident detection, and escalation procedures.
· Must have significant experience debugging application and network problems.
· Must have experience coaching, training, or developing junior analysts.
· Must have experience in system development concepts, algorithms, and malware analysis.
· Must be proficient with SIEM technologies.
· Must be proficient with common security device functions, such as IDS/IPS, Network and Host-based firewalls, DLP (Data Leakage Protection), monitoring) etc.
· Must be proficient with common network device functions, such as routers, switches, hubs, etc.
· Must be proficient with possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc and possible abnormal activities, such as worms, Trojans, viruses, etc.
What will set you apart:
· Advanced knowledge of security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.
· Preferred (Including but not limited to the following certifications):
o Cisco Certified NetworkAssociate (CCNA)
o GIAC Security Essentials (GSEC)
o Global Certified Intrusion Analyst (GCIA)
o GIAC Penetration Tester (GPEN)
o Certified Expert Penetration Tester (CEPT)