Job Description:
We are seeking a skilled Information Security Analyst to join our team. The ideal candidate should have a deep understanding of information security principles, best practices, and technologies to help protect our organization from potential security threats.
Responsibilities:
Monitor security systems to identify and respond to potential security threats, including malware, phishing, and social engineering attacks.
Conduct regular vulnerability assessments and penetration testing to identify and address potential security vulnerabilities.
Develop and maintain security policies, procedures, and standards to ensure compliance with relevant regulations and best practices.
Investigate security incidents and provide recommendations for remediation and prevention.
Work closely with other members of the security team to implement and maintain security controls and technologies, such as firewalls, intrusion detection and prevention systems (IDPS), and security information and event management (SIEM) systems.
Stay up-to-date with the latest security trends, vulnerabilities, and threat vectors.
Requirements:
Bachelor’s degree in computer science, information security, or a related field.
Experience in information security, with a focus on threat detection and response.
Knowledge of security principles, best practices, and technologies, such as firewalls, IDPS, SIEM, and encryption.
Familiarity with relevant regulations, such as GDPR, HIPAA, and PCI-DSS.
Strong analytical and problem-solving skills.
Excellent written and verbal communication skills.
Ability to work independently and as part of a team.
Willingness to work irregular hours and be on-call if necessary.
Preferred Qualifications:
Professional certification, such as Certified Information Systems Security Professional (CISSP) or Certified Ethical Hacker (CEH).
Experience with cloud-based environments and cloud security best practices.
Knowledge of incident response and forensic analysis.
Familiarity with security frameworks, such as NIST or ISO 27001.
Understanding of network protocols and architectures.
This job description is not intended to be all-inclusive, and the employee will also perform other reasonable related duties as assigned by their immediate supervisor or other management as required. The company reserves the right to revise or change job duties as business requirements dictate.
