Address
Form of workJR IT SECURITY ANALYST
Job Overview: This individual will be responsible for supporting the management of Fidelity Bank's IT security solutions, and computer and data systems. Tasks will include administering enterprise standard security tools, providing input to the development of IT security standards, and assisting with securing computer and communication standards. This individual will also be responsible for assisting IT Department Managers to ensure the security of all corporate and proprietary information residing on company computer assets, performing technology research, and aiding in the development and presentation of formal plans, proposals, and status reports. Additionally, responsibilities include analyzing and investigating alerts related to endpoint security, incident response, vulnerability management, email analysis, web filter management, and cloud security, and coordinating with system admins, desktop techs, and other teams to implement security measures and maintain a secure environment.
The candidate for this position will be responsible for:
Requirements for the position include:
Preferred qualifications for this position include:
EO/AA Employer: Title VII/Protected Veterans/Disability Status
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
Job Overview: This individual will be responsible for supporting the management of Fidelity Bank's IT security solutions, and computer and data systems. Tasks will include administering enterprise standard security tools, providing input to the development of IT security standards, and assisting with securing computer and communication standards. This individual will also be responsible for assisting IT Department Managers to ensure the security of all corporate and proprietary information residing on company computer assets, performing technology research, and aiding in the development and presentation of formal plans, proposals, and status reports. Additionally, responsibilities include analyzing and investigating alerts related to endpoint security, incident response, vulnerability management, email analysis, web filter management, and cloud security, and coordinating with system admins, desktop techs, and other teams to implement security measures and maintain a secure environment.
The candidate for this position will be responsible for:
- Conducting simple research and preparing input to technical staff study reports
- Creating and maintaining documentation and diagrams
- Analyzing and investigating alerts related to endpoint security, including triage, potential malware analysis, false positive detections, and vulnerability remediation
- Investigating unblock requests and escalating for further action
- Ensuring event log and network device log monitoring into Splunk, and patch and maintain on-premises Splunk infrastructure and manage cloud Splunk
- Monitoring AWS and Azure environments and AWS user account creation/modification
- Assisting in incident response tasks and performing investigations, including forensics investigations and malware reverse engineering
- Analyzing vulnerabilities in Nessus/Tenable.sc/Tenable.io and identifying and implementing remediation steps, prioritizing efforts based on exploitability and impact
- Approving and monitoring patches through the deployment cycle for Microsoft and third-party software, including on-premises WSUS management and development of patching processes for third-party patches not handled by ninja/WSUS
- Analyzing email headers, links, and investigating reported phishing alerts for legitimacy
- Triaging and prioritizing internal tickets using Track-It, and escalating as necessary
Requirements for the position include:
- Bachelor's degree in computer science, computer information systems, data processing, business administration or a related field (waive in lieu of experience)
- Strong knowledge of endpoint security tools and practices
- Basic knowledge of incident response procedures
- Familiarity with Nessus/Tenable.sc/Tenable.io vulnerability management tools
- Knowledge of Microsoft patching procedures
- Familiarity with third-party patching tools such as Java
- Experience with web filter management
- Experience working with a ticketing system
- Strong customer service skills
- Strong verbal, written and interpersonal communication skills
Preferred qualifications for this position include:
- 2-4 years of experience in information security, with experience in the banking industry
- Security certifications (e.g., CISSP, CISM, CompTIA Security+)
EO/AA Employer: Title VII/Protected Veterans/Disability Status
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
