Location : Albany, NY
Job Type : Fulltime / Permanent
- The Senior Cyber Security Analyst is a member of the Security team and works closely with the other members of Information Technology to develop and implement a comprehensive information security program.
- This includes a primary focus on detecting and preventing information security and cyber threats to our organization.
- The incumbent will be required to connect dots where they may not have existed before and correlate data in novel and interesting ways to determine weaknesses within our infrastructure (software, hardware, networks, etc.) to find creative ways to protect it.
- This position will be responsible for advanced investigations, monitoring and incident response.
- Provide advanced support to initial response teams, and assist and train staff in troubleshooting.
- The person in this role is responsible for advanced security program tasks and support of daily operations as needed.
- An ideal candidate has a passion for information security, problem solving, documentation, communication, organizational collaboration, and attention to detail.
- This individual will be empowered to help guide our security operations program by recommending improvements and seeing them implemented.
- The senior analyst helps to develop and challenge existing processes and tools that focus on incident response, threat identification, analysis, and remediation.
- Oversee and support daily security operations to grant and protect systems against unauthorized access, modification and/or destruction.
- Perform high risk changes to systems like firewalls, filters, anti-virus and document standard changes.
- Design and improve monitoring systems and alerts; also support alerts and incident investigations as needed to assist Analysts.
- Update network security policies, application security, access control and corporate data safeguards.
- Design and improve the vulnerability and network scanning assessment process and reporting.
- Support users and educate them on the security requirements of our networks.
- Conduct data breach and security incident investigations.
- Compile evidence and ensure documentation for legal requests or internal investigations.
- Evaluate and remediate findings from security audits, risk analysis, network forensics and penetration testing.
- Liaise with other cyber threat analysis entities and managed services.
- Respond to security-related operational support and incidents, on and off hours as needed.
- Develop automation and process improvements throughout the cyber program.
- Investigate incidents, act as an incident handler and follow incident response procedures.
- Compile and track metrics for the cyber program.
- Document and train Security Analysts and perform planning, implementation and upgrades.
- Perform vulnerability testing, risk analyses and security assessments.
- Design and document implementation, procedures and processes of networks, IDS, IPS, etc.
- Collaborate with colleagues on authentication, authorization and encryption solutions.
- Evaluate new technologies and processes that enhance security capabilities.
- Support Security Analysts in triage and response to security alerts and perform root cause analysis.
- Define and implement corporate security policies, standards and procedures.
- Support and develop security awareness, procedures and training.
- Keep abreast of emerging technologies, software and methodologies.
- Stay proficient in forensic, response and reverse engineering skills.
- Support program execution and review security gap assessments, policies, procedures, playbooks, training and tabletop testing.
- Develop and implement automation and process improvements to processes and procedures.
- Respond to information security issues during each stage of a project’s lifecycle.
- Perform all assigned work to meet expected delivery and schedules and perform other duties as assigned.
Security Domain Skills and Knowledge Required:
- Access Control Systems and Access Methods.
- Applications and Systems Development Security.
- BCP and Disaster Recovery.
- IS Audit Procedures / Processes.
- IT Service and Delivery.
- Law Investigation and Ethics.
- Operations Security.
- Operational Security protection of assets.
- Response Management.
- Telecommunications and Network Security.
- Cryptography / Encryption.
- Information Security Program Management.
- Information Security Governance.
- Industrial Control Systems/SCADA.
- IT Governance.
- Physical Security.
- Risk Management.
- Security Architecture and Models.
- Security Management Practices.
- Systems and Infrastructure Lifecycle management.
- Bachelor's Degree in Computer Science, Information Assurance, Engineering or a related technical or business discipline.
- Minimum 3 years quality experience (or a minimum of 5 years directly related experience for non-degree holders) including at least 2 years in cyber security.
- CISSP: Certified Information Systems Security Professional or multiples of the following.
- CEH: Certified Ethical Hacker.
- GCIH: GIAC Certified Incident Handler or other industry equivalents.
- Minimum 5 years quality experience (or a minimum of 8 years directly related experience for non-degree holders) including at least 3 years in cyber security.
- CPT: Certified Penetration Tester.
- CSSA: Certified SCADA Security Architect.
13454 Sunrise Valley Drive, Suite 120, Herndon, VA 20171
Direct:(703) 889-6697 | Fax:(703) 935-0339
firstname.lastname@example.org | www.