A minimum of ten years of IS experience, with five years in an information security role.
A bachelor's degree in information systems or equivalent work experience; an M.B.A. or M.S. in information security is preferred.
Certifications Required (3 or more - CISSP, CCSP, OSCP, CISA, CRISC, GIAC, CEH, Security+).
Certifications Preferred (Technology Certifications - Cisco, Microsoft, Linux).
Expert level in security best practices.
Intermediate level with Wireshark and/or equivalent packet capture and analysis.
Strong understanding of networking technologies from architecture best practices to packet analysis.
Experience with patch management, device hardening, configuration auditing and other endpoint security best practices.
Familiarity with the principles of cryptography and cryptanalysis.
Understanding of Public Key Infrastructure.
Experienced in the use of virtualization technologies.
Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.
Proficiency in performing risk, business impact, control and vulnerability assessments.
Excellent technical knowledge of mainstream operating systems (for example, Microsoft Windows and Linux) and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools.
Experience in developing, documenting and maintaining security policies, processes, procedures and standards.
Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts.
Experience with common information security management frameworks, such as the International Organization for Standardization (ISO) 2700x, ITIL, COBIT and National Institute of Standards and Technology (NIST) frameworks.
Strong written and verbal communication skills.
Ability to communicate security guidance to a non-technical audience.
The Systems Security Analyst is a critical member of the Chief Information Security Officer's (CISO's) team. This is a hands-on role that requires a high level of technical and analytical expertise. Responsible for a broad range of tasks, including the day-to-day administration of information security tools, the creation of security documentation, governance risk compliance (GRC) management, as well as second-level and third-level support for security information and event management (SIEM).
Researches and assists in the piloting and evaluation of new tools, technologies, technical controls, and processes to support and enforce defined security policies.
Participates in a variety of information security functions – Vulnerability Management, Penetration Testing, Incident Response, Audit, Governance, Solution Design.
Works with various infrastructure teams and business units to ensure policy compliance and adherence to security best practices.
Monitors system logs, SIEM tools and network traffic for unusual or suspicious activity. Interprets such activity and makes recommendations for resolution.
Assists in the development and documentation of security architecture, policies, standards, and procedures.
Collates security incident and event data to produce monthly management and exception reports.
Measures and reports on the technical metrics of security controls.
Works with outsourced vendors that provide information security functions for compliance with contracted service-level agreements.
Participates in the operation of incident management, including detection, response and reporting.
Contributes to a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations.
Participates in the day-to-day activities of threat and vulnerability management, identifies risk tolerances, recommends treatment plans and communicates information about residual risk.
Participates in security projects and provides expert guidance on security matters for other IT projects.
Ensures audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
Validates baseline security configurations for operating systems, applications, and networking and telecommunications equipment.
Provides second and third-level support and analysis during and after a security incident.
Assists Lifespan staff in the resolution of reported security incidents.
Participates in security investigations and compliance reviews, as requested by internal or external auditors.
Supports Lifespan’s Legal e-discovery processes to include identification, collection, preservation and processing of relevant data.
Participates in GRC (Governance Risk Compliance) activities surrounding policies, exceptions, risk register, and compliance requirements such as HIPAA, PCI, and JMC.
Researches and assesses new threats and security alerts, and recommends remedial actions.
Performs other duties as assigned.