IT Security Analyst
Seattle, WA US
Currently looking for an experienced IT Security Analyst for a full-time position near Seattle, WA.
Work Authorization: US Citizen or Green Card Holder Only.
Ideal Candidate: Someone who has worked for a midsized IT shop that has mature cyber security incident response processes. Someone who can support forensic investigation inquiries. Someone who has formal leadership experience.
Top Three Required Skills: Security Frameworks ISO 27001, NIST 800-53, COBIT and/or COSO. Incident Response experience. Compliance experience.
This position will be filled as an advisor security analyst, senior security analyst, or security analyst depending on the qualifications of the selected candidate.
- Develop, deliver, maintain and monitor IT security policies, standards, and best practices.
- Implement, integrate, maintain, report and monitor security and compliance risk management procedures.
- Perform security, vulnerability and threat assessments and security incident management.
- Oversee the compliance requirements, audit services, and be an integral part of proper implementation of the disaster recovery procedures in alignment with enterprise business continuity, development and testing.
- Uphold the safety compliance standards and field procedures related to work responsibilities.
- Acts as a leading member of the IT Security Incident Response team with working knowledge of Forensic Investigation methods and evidence preservation.
- Acts as a leading member of the Threat Management program in support of SIEM development.
- Plans and implements security and integrity controls over client-server based applications.
- Researches, evaluates, designs, tests, recommends, and plans implementation of new or improved information security software or devices.
- Analyzes new/enhanced software application or tool implementations for implications to existing security software and devices.
- Drafts new or updates existing process, procedures and policies as necessary and updates or creates documentation based on work performed.
- Defines, implements, and enforces security and compliance controls.
- Facilitates the development and implementation of security systems.
- Provides technical expertise and guides the administration of security tools to ensure controls are in place.
- Analyzes application security needs based on the sensitivity or proprietary nature of the data, and ensures systems are utilized for management-approved purposes only.
- Mentors and coaches team members and other IT peers to support cross-training and knowledge sharing.
- Defines project scope, objectives, and requirements to support aligned work efforts.
- Performs other duties as assigned.
- 8 years of experience.
- Technical proficiency in security-related hardware and software; ability to function as a consultant to other IT groups on security matters as a recognized technical expert and to lead teams.
- Knowledge of security frameworks such as: ISO 27001, NIST 800-53, COBIT and COSO.
- Experience with implementation and management of compliance requirements such as NERC and SOX.
- Understanding and experience with other security products and techniques such as token-based dialup authentication, modem callback and password management.
- Incident response experience.
- Bachelor’s Degree.
- MUST be able to work in the U.S. WITHOUT sponsorship to be considered; no C2C.
- 1+ year experience configuring or managing SIEM systems and solutions.
- 1+ year experience configuring or managing an enterprise dependent solution in support of multiple business processes.
- Highly desirable are certifications in one or more of the following: CISM, CISA, CISSP, CNSP, CNSA, CPP, CCSP, ISSAP, ISSEP, ICSE, CIW-SP (CIW Security Professional), SANS-GIAC certifications family, Security+, Certified Forensics Investigator.