The Sr. Cyber Security Analyst will be responsible for identifying, analyzing, and influencing the management of information risks across the organization, as well as ensuring the implementation and compliance with all IT controls. The incumbent will help develop, implement, and maintain a strong and effective Cyber Security program.
This role will be responsible for following the technology trends regarding cyber security and recommending necessary changes to the companies' cyber security environment. The incumbent will monitor and respond to cyber threats and make recommendations as to mitigation or remediation of such threats.
This role will not only serve as an advisor on all cyber security matters, but also be hands on with implementing suggested changes into the environment. As such, the ideal candidate will have extensive experience in handling network administration and system administration tasks in a windows environment. Hands on implementation skills will be critical to the success of this position.
COMPETENCIES AND SKILLS:
Installing and configuring network equipment to update or fix hardware/software issues
Updating definition files and pushing those to all devices across the company
5+ years of experience in Network and Systems management as it relates to cyber security and risk mitigation.
Detailed understanding of PCI environment and ability to implement security suggestions based on PCI
Detailed knowledge of windows Azure security, AWS or other cloud platforms.
Knowledge of cloud security environment with and without SSO
Experience handling different tools such as CloudFlare, working with vendors such as Red Canary etc.
Knowledge of Incident management and Incident response.
Experience in providing training to internal users (both IT and non-IT), conducting simulations, lunch & learns to educate the team members on cyber security.
Knowledge of different environments: Cisco, Juniper, Palo Alto and other leading network gear
System administration -- Windows Server 2; VMWare; AIX
Detailed network security skills in the Cisco Catalyst, Cisco Nexus, Brocade platforms.
Advanced problem solving -- Able to dive into an issue, discover the root cause, understand why it happened, and prevent it from happening again
Strong ability to understand the overall cyber security landscape, relate those needs to our current IT landscape and suggest a roadmap to achieving the same
Must have the ability to build a plan and also implement the plan in coordination with the IT Infrastructure team
Must have knowledge of important cyber security frameworks such as PCI, HIPAA, ISO:27001, CIS-Top18 and controls/frameworks
Detail oriented approach -- Understanding how the system works and knowing which tool to use; being able to repeat a process and explain that process to management
Self-motivated -- Take on the next task or issue without being told to; must be self sufficient
Information security policy maintenance -- Create, update, and delete policies and procedures as new and old developments arise
Firewall administration -- Palo Alto
Security tool administration -- Splunk, Carbon Black, Elk Stack, etc
Network protocol knowledge -- RDP, SSH, TCP, FTP, SFTP, ACLs, etc
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Safeguard system assets by identifying and solving potential and actual security problems
Protect systems by defining access privileges, control structures, and resources
Recognize problems by identifying abnormalities and reporting violations
Implement security improvements by assessing current posture and evaluating new risk trends
Conduct periodic audits and pen tests
Maintain technical knowledge through research, publications, and classes
Maintain security and software updates/patches
Triage, respond, and find root cause to security related incidents
Effectively communicate with upper management
Educate business by holding learning sessions and performing phishing campaigns
Other duties as assigned
Bachelor's degree in Information Technology, Engineering or equivalent technical experience related to Cyber Security desired
5+ years hands on experience
Professional communications skills, both oral and written
Effective interpersonal skills
Demonstrate capacity for organization, prioritization and management in a dynamic environment
Experience working with all levels within an organization
Manage personal workload and work under tight timeframes
Must be able to work independently with minimal supervision
Occasional: bending, kneeling, squatting, standing, walking, reaching, overhead reaching, and fine motor skills
Normal office environment and office lighting
Within the Smith & Wesson manufacturing facility employees may be exposed to manufacturing noise, airborne liquid chemicals, fine particulate dust, ambient temperatures, and industrial lighting
All employees are required to apply ergonomic correctness to all job tasks