Systems/Application Secruity Analyst
Helps develop and implements internal security policies & procedures to protect internal I.S. assets and ensures the security of the products developed and delivered to our customers. Performs regular security testing of the company’s infrastructure and its products.
ESSENTIAL JOB FUNCTIONS:
Information security analysts are expected to stay up-to-date on the latest intelligence, including hackers’ methodologies, in order to anticipate security breaches. They also are responsible for preventing data loss and service interruptions by researching new technologies that will effectively protect a network. This position will also be responsible for managing the security of our Windows PC & Server products sold to customers
• Maintain intimate knowledge of IT security trends and events
• Assist with development of security standards and best practices for the organization
• Performing risk assessments and assist with developing remediation strategies
• Help educate & train users on new security products and procedures
• Recommend security enhancements
• Install and configure firewalls and other devices/software to protect sensitive information
• Conduct penetration testing to determine likelihood of vulnerability exploitation
• Monitor networks for security breaches and investigate violations when they occur
• Clearly document all procedures and follow best practice change management for configuration changes to IT systems
• Prepare reports that document security breaches and the extent of the damage caused by the breaches
• Administer network server security for local network applications including MS SQL, Team Foundation Server, Exact MAX ERP, Great Plains/Dynamics
• Administer security for cloud-based services such as Microsoft Office 365 (including Sharepoint & Exchange).
• Assist with the development of DRP/BCP plans
• Ensure security of network services (WSUS, DNS, DHCP, Active Directory, NPS, etc).
• Troubleshoot & maintain security of switches, routers, wireless access points and firewalls.
• Interact with laptops, workstations & servers in a Windows environment. Ensure devices interconnect securely with diverse systems including authentication servers, file servers, email servers, application servers and administrative systems
• Maintain Antivirus/Antimalware protection and security control
• Work with vendor support contacts as needed to resolve technical issues • Research solutions to enhance or replace existing hardware and software
• Perform other tasks and work with other departments as directed by supervisor.
KNOWLEDGE, SKILLS, AND ABILITIES:
• Requires degree with a focus in Information Technology.
• Requires 5 years relevant experience in a Windows Server 2008-2016 Active Directory LAN/WAN environment.
• Requires Network+, Microsoft MCSA/MCSE or similar industry certifications.
• Cisco certifications, (CCNA/CCNP/CCIE) are desirable.
• Security Certifications (Security+ or others) are desirable.
• Adjustments to requirements may be made for those with comparative experience. Personality Requirements
• Has a certain degree of creativity and latitude.
• Has excellent written and verbal communication skills.
• Relies on experience and judgment to plan and accomplish goals.
• Driven and motivated to learn new technology and practices quickly.
• Demonstrates troubleshooting abilities with ability to prioritize.
• Would rather automate than perform the same action manually many times.
• Is self-directed, and can identify potential problem areas proactively.
• Can adapt quickly to changing requirements and short schedules.
• Has excellent research skills.
• Enjoys problem solving & helping others. Recommendations
• Familiar with standard concepts, practices, and procedures of Systems and Network Administration.
• Can effectively utilize productivity software, presentation software, various hardware & network diagnostic tools.
• Experience in a manufacturing or healthcare environment helpful, but not required
• General familiarity with the Defense Information Systems Agency's Security Technical Implementation Guides (STIGs) and (DISA) Community Gold Standard (CGS).
• General knowledge on how to implement and validate STIG requirements.
• Insight into how these security configurations will affect the functionality of the Windows environment. Other
• Reports to: Director of Information Services
• Work Hours: M – F 8am – 5pm
• Overtime: Regular system updates (after hours/weekends), special projects – as needed
• Travel: Occasional
• On-Call Support: Required
This position does not have any supervisory responsibilities but will assist & help develop others.
PHYSICIAL ACTIVITIES AND REQUIREMENTS:
Ability to reach, sit, push, pull, lift, use fingers, grasp, communicate bi-directionally, and perform repetitive motions. Ability to exert up to 50 pounds of force occasionally, and/or a negligible amount of force frequently, and/or a negligible amount of force constantly to move objects. Must be willing to travel on occasion.
• Exposure to dust and/or dirt. Dust in pc’s, ceiling panels, user work areas
• Work performed in high places where possibility of falling exists (Wiring in ceilings, wireless access points, etc.)
MENTAL AND VISUAL REQUIREMENTS:
Close mental and visual attention required to perform work dealing primarily with preparing and analyzing data and figures, using a computer and/or extensive reading. Replacement of RAM, CPU components on motherboards, termination of small diameter wiring.