The Information Security Analyst is responsible for planning and coordinating the implementation of security measures to protect the organization’s computer networks and systems as well as monitoring and documenting any security breaches. This position will be responsible for developing security policies, procedures and best practices. This position will also be directly involved in investigating and mitigating any security breaches
ESSENTIAL DUTIES AND TASKS:
This position exudes our core values: Friendly, Innovative, Integrity and Hardworking.
Communicates our mission, goals and strategies.
Exhibits excellent customer service both externally with members/clients and internally with co-workers (cooperation, timely response, etc.).
Responsible for maintaining the security of the company’s assets and data from hazards, including physical and cyber.
Monitors the organization’s networks for security breaches.
Documents any security breaches and the extent of any related damages.
Installs or coordinates the install of security measures and software.
Conducts or coordinates regular network penetration testing.
Stays current on IT security trends and best practices.
Develops company-wide security best practices and policies to protect the company’s networks and assets.
Develops and implements NIST 800-171, Plan of Action with Milestones.
Makes security enhancement recommendations to the senior HWDS staff.
Assists staff with installing security software and with information security education.
Provides Information Security consultation to other HWDS customers and assists with the implementation of appropriate security measures.
Performs other duties as assigned.
Work is performed primarily indoors in the office sitting at a desk or table. The position is required to be able to operate a cooperative passenger vehicle and maintain a valid driver’s license.
PHYSICAL REQUIREMENTS (IF ANY):
Must be able to see, walk, hear and speak. Intermittent standing, stooping, bending and walking is required. Lifting objects up to 50 pounds may be required. Reasonable accommodations may be made to those who are able to perform the essential duties of the job.
SPECIALIZED SKILLS, ABILITIES AND KNOWLEDGE:
Knowledge of firewalls, endpoint security and intrusion detection concepts.
Have excellent written and oral communication skills.
Be familiar with network penetration testing and techniques.
Have experience in installing security software and documenting security issues.
Ability to identify and mitigate network vulnerabilities.
Must have an understanding of patch management and have the ability to coordinate patch deployment with an understanding of the business impact.
MACHINES, TOOLS, EQUIPMENT:
Tools and equipment typically used include: computer, mobile devices, network and security related appliances.
Bachelor’s degree in computer science or related field.
Have three or more years of experience in information security or related field.
Successful performance on pre-employment tests may be required.
The incumbent must be able to pass any required drug test and new hire physical examination. The incumbent must be able to maintain the confidentiality of any information s/he encounters.
Chief Information Officer (CIO)
This job description is not intended to be all-inclusive. An employee will also perform other reasonably related business duties as assigned by the CIO and other management staff as required.