IT Information Security Analyst
East Petersburg, PA | Direct Hire
- Position: IT Information Security Analyst
- Location: Lancaster, PA
- Status: Direct Hire
- Salary Range: $70, 000-$90, 000
- Remote Option: None
A financial services company is presently looking for a IT Information Security Analyst to add to their growing team.
This is an exciting opportunity for a strong technical candidate with about 3-5 years of Information Security Analyst experience with familiarity of systems such as security information and event management (SIEM), intrusion detection and protection (IDS/IPS), internet proxy, advanced persistent threat (APT) defense, system vulnerability management, data loss prevention (DLP), application whitelisting, endpoint detection and response (EDR), anti-virus and anti-malware, or denial-of-service (DDoS) defense.(Preferred)
You will be responsible for:
Security monitoring and response. Use supplied technical tools and security intelligence to perform essential monitoring for security threats and potential indicators of security concerns. Also monitors compliance with Information Security policies, standards, guidelines, and procedures. Acts upon detected events or conditions to initiate appropriate responses, escalating attention as necessary and/or prescribed within defined Incident Response Plan. Work collaboratively with internal and external business line or technical contacts to achieve successful incident resolution. Maintain documentation and other appropriate evidence to support incident investigations. Serve in on-call response capacity as part of scheduled departmental on-call rotation.
Security advisory and consultation. Serve in advisory or consultative capacity, performing timely and effective review of vendors, systems, and various business requests that supports the corporate Information Security Program while meeting business line needs. Substantiate security assessments, approvals, rejections, and recommendations with facts, logic, and reputable industry references. Assist with development of Information Security related policies, procedures, guidelines, and standards. Assist with development of security awareness and advisory content for corporate compliance training and periodic departmental educational publications. As assigned, contribute input, advice, and recommendations on behalf of the Information Security Office as part of the Project Management Life Cycle (PMLC) for designated Business Unit projects. Remain current and knowledgeable in the field of Information Security, including related best practices, regulations, and laws.
Information security projects. Collaborate with IT functional units to design, plan, install, configure, test, and implement solutions that address Information Security risks, to maintain regulatory compliance and manage risks across the corporation. When assigned, project lead role is responsible for driving the project on behalf of the Information Security Office, involving teammates in brainstorming and decision-making, establishing target outcomes, attaining milestones, managing project-related communications, and developing internal controls and related documentation. General team role is responsible for supporting the project leader, contributing toward identifying outcomes, achieving individual and group milestones, and assisting with communications and internal controls development. As necessary, acts on behalf of the project leader. Report project activities, milestones, progress, and results to Information Security manager and CISO.
Security preparation and development.Develop and implement best practices for security system configuration, policy and rule controls, and related automated as well as manual procedures for all Information Security systems. Develop & enhance systems, workflows, and processes in support of Information Security requirements and objectives. Leverage new and existing tools to design and implement improvements in security tasks. Adhere to established practices for change management under principles of proper segregation of duties and least-privilege access. Share insight and expertise with ISO team and applicable IT and Business Line work units to achieve higher efficiency and effectiveness for the group.
If you feel like you are the right fit for the job above, please click the apply online button below and I will be sure to reach out ASAP!