General information

Country
United States
City
Remote Location
Department
Security Office
Job ID
21426

Description & Requirements

Senior Cyber Security Analyst

Location: Remote

Summary:

Cyber Security – Security Analysts are ultimately responsible for ensuring that the company's digital assets are protected from unauthorized access. This includes securing both online and on-premises infrastructures, weeding through metrics and data to filter out vulnerabilities, and finding and mitigating risks before breaches occur. If a breach does occur, security analysts are often on the front line, leading efforts to counter the attack.

A Day In The Life Could Include:

(responsibilities)

  • Assist in the responsibility for the reviewing vulnerabilities' data from multiple sources (i.e. external / internal penetration testing, internal / external vulnerability scanning, etc.) across multiple technologies and a changing environment including infrastructure and applications to determine risk rating of vulnerabilities to business assets.
  • Assist in improving and automating existing vulnerability management lifecycle. Including but not limited, data ingestion & normalization, compliance metrics and detections on assets.
  • Assist in partnering with tools, product and development teams to troubleshoot, develop, select, implement and automate appropriate security solutions to keep system data protected.
  • Assist in providing support and resolution for scanning and vulnerability remediation reporting issues provided by Vulnerability Management tools.
  • Assist in working with the Business to effectively communicate the risks of identified vulnerabilities and make recommendations regarding the selection of cost-effective security controls to mitigate identified risks.
  • Provide technical support for vulnerability management projects.
  • Provides analysis and validation post remediation, opportunities for improvements and out of the box thinking for optimizations and solving roadblocks.
  • Perform reoccurring and on demand scanning activities of both corporate and cloud environments utilizing enterprise platform.
  • Assist in ensuring scan results are presented in appropriate dashboards, reports.
  • Assist in interfacing with third-party vendors in improving the overall scanning process.
  • Perform any other duties as assigned by the Security Office management

What You Will Need To Bring With You:

(experience & education required)

  • 7+ years of work experience in Cyber Security

·       2+ years operational experience with a Vulnerability Scanning Application

  • CISSP (Certified Information Security Professional) certification or equivalent
  • In-depth understanding of a variety of technical concepts with focus on cloud computing, automation, networking, systems administration, application development, and information security best practices.
  • Broad experience in vulnerability scanning, SIEM, penetration testing, network admission control, advanced malware protection.
  • Administrative knowledge on Qualys Vulnerability Management tool
  • Leadership Skills
  • Understanding of network defense principles, common attack vectors, and attacker techniques
  • Technical baseline skills and the ability to acquire in-depth knowledge of network and host security technologies
  • Excellent analytical and problem-solving skills
  • Specialized knowledge in email or cloud threats
  • Understanding of Cloud services (AWS, Azure), Load balancers, firewalls, proxies, SIEM concepts.
  • Stays current with new and evolving technologies via formal training and self-directed education
  • Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • Fluent in English language
  • Not accepting any Status Quo, able to transform yourself, your team and organization
  • Self-actualize, learn from others and share the knowledge proactively
  • Naturally comply with laws and regulations

What Will Put You Ahead:

(experience & education preferred)

  • Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related discipline.
  • Experience in Vulnerability Management tools, preferred Qualys.
  • Additional IT Security Certifications such as Certified Vulnerability Assessor (CVA), Certified Ethical Hacker (CEH) or CISM (Certified Information Systems Manager) is a plus.
  • Basic coding experience (Java, Python)
  • Additional experience in IT controls monitoring for regulatory and compliance requirements like CIS, SOX, HIPAA, HITRUST, SSAE 16 - SOC 1 & SOC 2, PCI compliance - PCI DSS / PA-DSS, NIST, ISO 27001 & ISO 27002 is a plus.
  • Knowledge on Secure Software Development Life Cycle (SSDLC)


Infor Values:

Our Guiding Principles set the standard for how we work with one another. They define who we are as an organization and guide everything we do. By applying the same shared values that unleash prosperity in free societies—such as value creation, integrity, responsibility, free speech, and toleration—we encourage one another to take initiative and to challenge the status quo.

 

We have a relentless commitment to a culture based on a business philosophy called Market Based Management® (MBM®). Informed by the principles that allow a free and open society to flourish, MBM® prepares individuals to innovate, improve, and transform while fostering a healthy, growing organization that creates long-term value for its clients and supporters and fulfillment for its employees. 


Equal Opportunity Employer, including disability and protected veteran status. This employer uses E-Verify.  Please visit the following website for additional information: www.kochcareers.com/doc/Everify.pdf