Position Summary:

The Security Analyst (SA) will be responsible for monitoring, investigating, correlating, and responding to cybersecurity alerts and incidents. Responsible for execution of IT Security procedures for vulnerability management and maintenance of cybersecurity tools and applications. Responsible for responding to escalated support requests concerning IT Security tools and applications.

Utilizing enterprise security tools, the Security Analyst will be required to perform vendor security assessments, perform research on third party vendors, and utilize security tools. The Security Analyst will be required to assist in managing the vendor review queue and support other areas of tech risk to include audit. The Security Analyst will work with team members, third party vendors and various technology departments to mitigate cyber risk. This role will also participates as a SME in projects.

Duties and Responsibilities:

• Provide a high level of customer service and support to all employees according to JMARK's core values.
• Champion and strengthen security culture by encouraging all employees to remain committed to security controls and initiatives
• Empathetically collect and consider end user feedback on controls and initiatives to increase user adoption and positivity
• Conducts security event monitoring and intrusion/malware analysis using various computer and network defense tools such as next-gen firewalls, host-based/EDR, and cloud-based security systems.
• Maintain and enhance the next-gen Antivirus platform and its policies, pursuing the implementation of security industry best-practices
• Perform security incident response activities to identify, triage, contain, and eradicate various information technology threats
• Leverage existing technology to identify and communicate vulnerabilities, coordinating remediation efforts with IT operations
• Assist in coordinating yearly penetration testing; Document, analyze, prioritize, and communicate findings with relevant stakeholders
• Communicate cybersecurity concepts and capabilities with the Service team. Summarize and report incident metrics and escalations
• Track, monitor, and report on key cybersecurity initiatives, milestones, deliverables, resources, remediation items, and/or findings through completion
• Develop and deliver a Cybersecurity education and training program for employees, contractors, and other authorized users
• Facilitate the creation, review, and delivery of Cybersecurity communications
• Initiate, facilitate, and promote Cybersecurity activities to create Cybersecurity awareness within the organization
• Develops, distributes, and monitors periodic anti-phishing campaigns
• Monitor adherence to Cybersecurity policies, standards, and controls
• Prepare reporting for various aspects of the Cybersecurity program
• Responds to end-user generated security alerts and escalated inquiries regarding cybersecurity tools.
• Works with security information and event management (SIEM) to manage/tune the system, create/manage the detection mechanisms, and assists in the automation of workflows.
• Researches and monitors emerging threat and vulnerability information and initiates appropriate response procedures.
• Performs periodic maintenance/updates to information security tools and applications.

Competencies:

To perform the position successfully, an individual should demonstrate the following competencies:

• Communication Skills
• Customer Service
• Job Knowledge
• Time Management
• Technical Credibility
• Technology Management
• JMARK Core Values

Skills and Qualifications:

It is impossible to list all of the skills and qualifications that an individual will need to efficiently perform in this position. Listed are general skills and qualifications that individuals should have or should be striving to achieve in order to be qualified for this position.

• In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, and incident management.
• Proficient in Incident Management and response
• Proficient in security best practices and analysis
• Experience in secure network topology design
• Experience in threat management
• Excellent communication and leadership skills
• Experience with vendor management

Licenses & Registrations:

• Valid driver's license
• Proof of vehicle insurance
• Reliable and suitable transportation that can be used as required to perform duties, if needed.

Experience:

• Experience focused on Networks and Security with experience in working with teams.
• BS Degree in IT Networking and/or Security or relevant work experience.
• Experience as part of a Microsoft Partner organization
• Experience working for a managed services organization
• Certification in one of the following preferred: Security+, CISSP, GCIH, GSEC