Job Posting

IT Security Analyst

Cranium-IT

Seattle, WA US

Currently looking for an experienced IT Security Analyst for a full-time position near Seattle, WA.

Important Note: 
Work Authorization: US Citizen or Green Card Holder Only.

Ideal Candidate: Someone who has worked for a midsized IT shop that has mature cyber security incident response processes. Someone who can support forensic investigation inquiries. Someone who has formal leadership experience.

Top Three Required Skills: Security Frameworks ISO 27001, NIST 800-53, COBIT and/or COSO. Incident Response experience. Compliance experience.

Job Description:

This position will be filled as an advisor security analyst, senior security analyst, or security analyst depending on the qualifications of the selected candidate.

Job Duties

• Develop, deliver, maintain and monitor IT security policies, standards, and best practices.
• Implement, integrate, maintain, report and monitor security and compliance risk management procedures.
• Perform security, vulnerability and threat assessments and security incident management.
• Oversee the compliance requirements, audit services, and be an integral part of proper implementation of the disaster recovery procedures in alignment with enterprise business continuity, development and testing.
• Uphold the safety compliance standards and field procedures related to work responsibilities.
• Acts as a leading member of the IT Security Incident Response team with working knowledge of Forensic Investigation methods and evidence preservation.
• Acts as a leading member of the Threat Management program in support of SIEM development.
• Plans and implements security and integrity controls over client-server based applications.
• Researches, evaluates, designs, tests, recommends, and plans implementation of new or improved information security software or devices.
• Analyzes new/enhanced software application or tool implementations for implications to existing security software and devices.
• Drafts new or updates existing process, procedures and policies as necessary and updates or creates documentation based on work performed.
• Defines, implements, and enforces security and compliance controls.
• Facilitates the development and implementation of security systems.
• Provides technical expertise and guides the administration of security tools to ensure controls are in place.
• Analyzes application security needs based on the sensitivity or proprietary nature of the data, and ensures systems are utilized for management-approved purposes only.
• Mentors and coaches team members and other IT peers to support cross-training and knowledge sharing.
• Defines project scope, objectives, and requirements to support aligned work efforts.
• Performs other duties as assigned.

Required Skills

• 8 years of experience.
• Technical proficiency in security-related hardware and software; ability to function as a consultant to other IT groups on security matters as a recognized technical expert and to lead teams.
• Knowledge of security frameworks such as: ISO 27001, NIST 800-53, COBIT and COSO.
• Experience with implementation and management of compliance requirements such as NERC and SOX.
• Understanding and experience with other security products and techniques such as token-based dialup authentication, modem callback and password management.
• Incident response experience.

Required Qualifications

• Bachelor’s Degree.
• MUST be able to work in the U.S. WITHOUT sponsorship to be considered; no C2C.

Preferred Qualifications

• 1+ year experience configuring or managing SIEM systems and solutions.
• 1+ year experience configuring or managing an enterprise dependent solution in support of multiple business processes.
• Highly desirable are certifications in one or more of the following: CISM, CISA, CISSP, CNSP, CNSA, CPP, CCSP, ISSAP, ISSEP, ICSE, CIW-SP (CIW Security Professional), SANS-GIAC certifications family, Security+, Certified Forensics Investigator.