Information Security Analyst I

Vibrant is looking for an Information Security Analyst I to join our Cybersecurity team as it grows. You will report directly to the Information Security Manager. The primary emphasis of this role will be on cloud, infrastructure and application security, incident response, auditing, training, and other relevant aspects of the program, as required. This role will be involved in day-to-day operations of the in-place security solutions. You will be responsible for playing a key role in protecting the confidentiality, integrity, and availability of all company data and systems. This may include the identification, investigation, and resolution of security incidents detected by those systems. Projects may include the implementation of new security solutions, participation in the creation and/or maintenance of policies, standards, baselines, guidelines, and procedures, as well as conducting vulnerability audits and assessments, and working with technology teams to update and maintain system security. The Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

• Participate in the planning and design of enterprise security architecture.

• Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures).

• Participate in the planning and design of an enterprise business continuity plan and disaster recovery plan.

• Maintain up-to-date detailed knowledge of the Cybersecurity industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.

• Assist with recommending additional security solutions or enhancements to existing security solutions to improve overall enterprise security.

• Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.

• Maintain up-to-date baselines using industry standard frameworks such as CIS and CSA for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices).

• Maintain operational configurations of all in-place security solutions as per the established baselines and industry best practices.

• Monitor all in-place security solutions for efficient and appropriate operations.

• Review logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution.

• Respond to tickets for addressing security concerns, vulnerabilities, and end-user reported issues.

• Participate in investigations into problematic activity.

• Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.

• Provide on-call support for end users for all in-place security solutions.

• Partner with AppDev to identify and remediate vulnerabilities in Applications

Knowledge & Experience

• General knowledge of security frameworks and controls such as: NIST (CSF, SP 800-53, SP 800-171), CIS, CSA, ISO27000.

• Some experience with security systems and tools that may include: Firewalls, WAF, SIEM, SOAR, MDR, IAM, PAM/PIM, Network Packet sniffers, Nmap, IDS/IPS, Vulnerability Management tools, SAST/DAST Burp Suite.

• Some experience with Encryption, Antivirus/Malware, Penetration Testing, Source Code Scanning.

• Familiar with threat modeling methodologies

• Working technical knowledge of Cloud and SaaS security solutions and tools.

• Basic understanding of IP, TCP/IP, and other network administration protocols.

• Basic understanding of security controls and system configurations for technologies such as: AWS, Azure, GCP, Microsoft AD, Linux.

Personal Attributes

• Proven analytical, troubleshooting and problem-solving abilities.

• Ability to effectively prioritize and execute tasks in a high-pressure environment.

• Good written, oral, and interpersonal communication skills.

• Ability to conduct research into IT security issues and products as required.

• Ability to present ideas in business-friendly and user-friendly language.

• Highly self-motivated and directed.

• Keen attention to detail.

• Team-oriented and skilled in working within a collaborative environment.

Experience:

• Minimum 2 years of technical experience working in cloud, application, infrastructure, and/or network security required

• Minimum 1 years of experience with Linux operating systems required

• Minimum 1 years of prior experience with Cloud-based security technologies required

• Preferred experience implementing and assessing Industry Security Standards including: HIPAA HITECH, HITRUST, FISMA, IS027K, PCI, NIST, CIS, etc.

• Some experience with Incident Response or Penetration Testing as a nice to have

Formal Education & Certification

• College diploma or university degree in Cybersecurity or other computer technology degree and/or two years equivalent work experience.

• One or more of the following certifications:

• CompTIA Security+

• GIAC Security Essentials (GSEC)

• GIAC Cloud Security Essentials (GCLD)

• Any AWS Certified Associate level certifications

• AWS Certified Security - Specialty

• Microsoft Certified Systems Administrator: Security

• NA