Job Summary 

As a Senior Cyber Security Analyst, we are looking for a generalist who can assist across a wide variety of tasks across the organization.  You will protect IT infrastructure (including networks, hardware and software) from a range of criminal activity, monitor networks and systems, detect security threats ('events'), analyze, and assess alarms, and report on threats, intrusion attempts and false alarms, either resolving them or escalating them, depending on the severity. 

Responsibilities 

• Conduct regular security assessments and audits of systems and networks to identify vulnerabilities and risks. 
• Monitor and analyze security threats and incidents and provide recommendations for remediation. 
• Assist with the implementation of internal controls to maintain compliance with regulatory and statutory security frameworks (e.g., NIST, SOC 2, HITRUST). 
• Collaborate with other IT teams to ensure security is integrated into all aspects of the company's technology infrastructure. 
• Develop and implement security policies and procedures. 
• Participate in incident response and disaster recovery planning. 
• Stay up to date with the latest security threats, trends, and technologies, and make recommendations to improve our security posture. 
• Research/evaluate emerging cyber security threats and ways to manage them. 
• Plan for disaster recovery and create contingency plans in the event of any security breaches. 
• Test and evaluate security products. 
• Design new security systems or upgrade existing ones. 
• Use advanced analytic tools to determine emerging threat patterns and vulnerabilities. 
• Engage in 'ethical hacking', for example, simulating security breaches. 
• Identify potential weaknesses and implement measures, such as firewalls and encryption. 
• Monitor identity and access management, including monitoring for abuse of permissions by authorized system users. 
• Consult with stakeholders in relation to cyber security issues and provide future recommendations. 
• Generate reports for both technical and non-technical staff and stakeholders. 
• Maintain an information security risk register and assist with internal and external audits relating to information security. 
• Assist with the creation, maintenance, and delivery of cyber security awareness training for colleagues. 
• Performs other related duties as assigned. 
• Ability to travel nationwide, up to 10% annually.

Required Skills & Qualifications 

• Strong teamwork skills in order to collaborate with team members and clients. 
• Solid understanding of Internet fundamentals (DNS, TCP/IP, HTTP) preferred. 
• Knowledge of cloud-based systems, particularly Microsoft Azure. 
• Strong knowledge of security frameworks such as NIST, SOC 2, and HITRUST. 
• Ability to use strategic and critical thinking to approach problems and create solutions. 
• A passion for cyber security and a keen interest in IT 
• Analytical and problem-solving skills to identify and assess risks, threats, patterns, and trends. 
• 4-year degree or equivalent experience/skills and practical, relevant work experience 
• Professional certification(s), e.g., Security+, CISSP, SSCP, etc. preferred. 
• Excellent IT skills, including knowledge of computer networks, operating systems, software, hardware, and security. 
• An understanding of the cyber security risks associated with various technologies and ways to manage them. 
• A good working knowledge of various security technologies such as network and application firewalls, host intrusion prevention and anti-virus 
• An ability to work under pressure, particularly when dealing with cyber threats and at times of high demand. 
• Verbal communication skills, including presentation skills, with an ability to communicate with a range of technical and non-technical team members and other relevant individuals. 
• Written communication skills (example – the ability to write technical reports). 
• Time-management and organizational skills to manage a variety of tasks and meet deadlines. 
• The ability to multi-task and prioritize your workload. 
• Excellent attention to detail 
• Familiarity with and some ability to code preferred.