Information Technology Security Analyst
- Information security analysts must continually adapt and stay a step ahead of cyber attackers.
- They must stay up to date on the latest methods attackers are using to infiltrate computer systems and on IT security.
- Analysts need to research new security technology to determine what will most effectively protect their organization.
- Plan, implement and upgrade security measures and controls.
- Maintain data and monitor security access, physical access controls.
- Protect digital files and information systems against unauthorized access, modification or destruction.
- Conduct internal and external security audits.
- Manage network, intrusion detection and prevention systems. Define, implement and maintain corporate security policies.
- Analyze security breaches to determine their root cause.
- Research, recommend, and install appropriate tools and countermeasures.
- Coordinate security plans with outside vendors.
- Recommend security enhancements to management or senior IT staff.
- Supports critical systems after hours, nights, and weekends as needed. Responds to emergencies on a 24/7 basis.
- Experience in information security or related field. In addition, Security awareness training.
- Experience with computer network penetration testing and techniques.
- Understanding of firewalls, proxies, antivirus, and IDS/IPS concepts.
- Ability to identify and mitigate network vulnerabilities and explain how to avoid them. Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
Education and Experience
Associates Degree from two-year College or university with major course work in information management, computer science or related field; with two years progressively knowledgeable and responsible experience in systems administration and analysis in a diverse enterprise computing environment; or equivalent combination of education and experience. Formal training and certifications may be required for various technology.
Knowledge of various enterprise level systems and ability to convey computing concepts effectively to non-technical users.
Expertise in security management, e.g., firewalls and user rights.
Ability to manage multiple concurrent projects and priorities.
Ability to quickly assess and resolve issues.
Ability to effectively and tactfully communicate with department officials and other administrative personnel.
Ability to organize material, analyze information, and develop recommendations.
Ability to express complex concepts and technical matters clearly and concisely in both oral and written formats.
Ability to remain calm in stressful situations.
Ability to take a teamwork approach to the job by cooperating with others, offering to help others when needed, and considering larger organization or team goals rather than individual concerns. Includes the ability to build a constructive team spirit where team members are committed to the goals and objectives of the team.