Position: IT SECURITY ANALYST
Company: ANSA McAL Limited
The IT Security Analyst performs two core functions for the enterprise. The first is the day-to-day operation of the in-place security solutions, while the second is the identification, investigation, and resolution of security breaches detected by those systems. Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and/or maintenance of policies, standards, baselines, guidelines, and procedures, as well as conducting vulnerability audits and assessments. The IT Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.
Strategy & Planning
- Participate in the planning and design of enterprise security architecture, under the direction of the Group Information Security Manager, where appropriate.
- Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the Group Information Security Manager, where appropriate.
- Participate in the planning and design of an enterprise business continuity plan and disaster recovery plan, under the direction of the Group Information Security Manager, where appropriate.
Acquisition & Deployment
- Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
- Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
- Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
- Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (e.g., workstations, servers, network devices).
- Maintain operational configurations of all in-place security solutions as per the established baselines.
- Monitor all in-place security solutions for efficient and appropriate operations.
- Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (e.g., workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution.
- Participate in investigations into problematic activity.
- Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.
- Participate in established Incident Management procedures.
- Provide on-call support for end users for all in-place security solutions.
- Contribute to escalated problem resolution by giving in-person, hands-on support to end users when necessary.
- Monitor incident trends and anticipate potential problems for proactive resolution.
Knowledge & Experience
- Extensive experience with Microsoft Cloud including Microsoft 365 and Azure.
- Extensive knowledge of computer hardware, including desktops, servers, laptops, routers, switches, firewalls.
- Working knowledge of a range of diagnostic utilities, including ntop, traceroute, ping, network port scanners, packet capture software, endpoint protection, vulnerability assessment and penetration testing tools.
- Familiarity with Cybersecurity Assessment and Training Platforms.
- Experience with desktop, mobile and server operating systems, including Windows Server 2003-2019, Windows Desktop, macOS, Linux, Android, iOS.
- Working technical knowledge of Microsoft Active Directory, DHCP, DNS, NPS, RADIUS, Certificate Services.
- Experience with script development for various custom tasks and automation e.g., PowerShell, Python.
- Strong understanding of IP, TCP/IP, and other network administration protocols.
- Strong understanding of virtualization technologies such as Hyper-V, VMware.
- University degree in Computer Science / Engineering
- At least 5 years of proven work experience in Information Security, on medium to large projects and organization(s)
- One or more of the following certifications:
  - CompTIA Security+
  - Microsoft Certified Systems Administrator: Security
  - Associate of (ISC)²
  - Associate of ISACA
How to apply:
- Do you have a University degree in Computer Science / Engineering?
- Do you have five years of proven work experience in Information Security, on medium to large projects and organization(s)?