Senior Security Analyst

DFW International Airport, Grapevine, TX

About The Position

Under general direction of the Sr Security Analysis Manager, works closely with the other members of the team to develop and implement a comprehensive information security program. This includes coordinating implementation, optimization, and operation of vulnerability, penetration, and patch scans for network, hardware, and applications.

Requirements

  • Bachelor's degree in business administration, information technology, computer science or a related field.
  • Five (5) years of progressive experience in cyber security or similar IT infrastructure.
  • Any equivalent combination of education and/or experience may be substituted for the above on a year-for-year basis.
  • Possession of a valid class C driver's license.
  • Knowledge of malware analysis/reverse engineering concepts.
  • Understanding of attacker methodology and penetration testing concepts.
  • Excellent problem solving, critical thinking and analytic skills with the ability to deconstruct problems (hunting anomalous pattern detection).
  • Knowledge of the principles and practices of a network systems design and implementation, including hardware, software, communications standards and documentation.
  • Knowledge of the principles and practices of business and public administration.
  • Knowledge of current network communications security technology.
  • Ability to provide project management.
  • Ability to plan and develop time and cost estimates for network projects.
  • Ability to oversee and coordinate the work of technical personnel.
  • Ability to communicate clearly and effectively, both orally and in writing, at all levels within and outside the organization, and to provide technical documentation.
  • Ability to effectively summarize and present findings.
  • Ability to establish and maintain effective working relationships inside and outside the organization.

Nice To Haves

  • Security Certifications: CISSP, CEH and Security+
  • Firewall Certifications: Palo Alto, Cisco ASA and CCNA
  • Load Balancer Certifications: F5, PKI and SSL

Responsibilities

  • Performs control and vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls and recommends remedial action.
  • Executes risk assessment activities, analyzes the results of audits (performed by other groups) to produce recommendations of acceptable risk and risk mitigation strategies.
  • Works on deploying, tuning and running vulnerability-scanning and penetration-testing tools.
  • Reports residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance, to DFW's management.
  • Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle.
  • Performs analysis on threat alerts from various security tools, including Intrusion Detection and Prevention tools, firewalls, antivirus systems, user behavior analytics tools, and proxy devices (Palo Alto Networks, Cisco, etc.), which requires demonstrable security incident response and/or insider threat experience to determine if the alert is a false positive, a security event, an actual attack, and/or a security incident.
  • Assists with management of incident response by investigating security intrusions.
  • Monitors and analyzes Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify security issues for remediation.
  • Recognizes potential, successful and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
  • Evaluates/deconstructs ransomware and malware (e.g. obfuscated code) through Board-approved, vendor-provided tools.
  • Communicates alerts to leadership team regarding intrusions and compromises to their network infrastructure, applications and operating systems.
  • Prepares Monthly Metrics on briefings and reports of analysis methodology and results.
  • Consolidates and conducts comprehensive analysis of threat data obtained from classified, proprietary to provide indication and warnings of impending attacks against networks.
  • Configures and manages security integration components in Microsoft 365 hybrid environments, including connectivity, synchronization services, and authentication.
  • Monitors and interprets Azure AD Connect events and Azure AD access reviews, and manages MFA.
  • Provides escalation point for Systems Admins team as a support for O365 related incidents on Threat Management.