The Information Security Analyst will support day-to-day security operations, event/incident investigation, security control assessment, data analysis and reporting, and other infosec-related activities. The analyst will work with the Project team as well as Helpdesk Support team to communicate risks and vulnerabilities, recommended changes which will remediate issues and/or improve security, and create documentation or reports regarding infosec activity and incidents.
Essential Duties and Responsibilities
- Create policies to ensure our customers’ infrastructure and information assets are protected with BCS security offerings: including Sophos Anti-virus and Malware Protection, Sophos Intercept-X, and Encryption.
- Audit analyze, plan, execute, and manage multi-faceted projects related to the BCS security offerings for our customers including onboarding.
- Review customers IT Systems platforms to determine the current role of the system and seek out vulnerabilities
- Responsible for ensuring BCS Security offering has the necessary monitoring of the computing environment required to alert Helpdesk Support through the ticketing system.
- Consistently conduct in-depth test of customer’s systems of the current and newly implemented infrastructure for IT Security to ensure policies and settings are applied correctly.
- Analyze system generated information and trends in the data and develop improvements to increase a system’s performance.
- Assess the customers IT system for perceived or actual threats and respond to any issues that are presented and/or escalate where necessary.
- Enforce security policies and procedures, they monitor data security profiles on all platforms by reviewing security violation reports and investigating security exceptions.
- Responsible for reviewing and improving/developing response plans to any potential threat opportunities until the problem is mitigated completely.
- Develops and generates reports for management, customers, and other departments around the managed BCS security service/tools offerings.
- This role will monitor compliance with security policies, standards, guidelines and procedures while ensuring security compliance with legal and regulatory standards.
- Follows up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken.
- Responds to security incidents (Helpdesk Support), conducts forensic investigations and targets reviews of suspect areas as well as develop action plans to address root causes of security-related problems.
- Collaborates on projects to ensure that security issues are addressed throughout the project life cycle.
- Reports to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
- Provides responsive support for problems found during normal working hours as well as outside normal working hours as needed.
Competencies, Skills, and Qualifications
- 4-5 years of security experience working with Endpoint Security, Intrusion Prevention, and Firewall security
- Proven work experience as a system security engineer or information security engineer
- Experience in building and maintaining security systems
- Detailed technical knowledge of database and operating system security
- Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc
- Experience with network security and networking technologies and with system, security, and network monitoring tools
- Thorough understanding of the latest security principles, techniques, and protocols
- Problem solving skills and ability to work under pressure
- Ethical Hacker - Preferred / Development Plan
- Associate of (ISC)² - Preferred / Development Plan
- CISSP (Certified Information Systems Security Professional) – Preferred / Development Plan
- CCNP Security – Preferred / Development Plan
BCS365 is an Equal Opportunity Employer. We consider applicants for all positions without discrimination based on race, color, religion, creed, gender, national origin, sexual orientation, age marital or veteran status, disability, or any other legally protected status.