Information Security Analyst

Overview:

The security analyst plays a vital role in keeping an organization's proprietary and sensitive information secure. He/she works inter-departmentally to identify and correct flaws in the company's security systems, solutions, and programs while recommending specific measures that can improve the company's overall security posture.

The Role:

• Governance of IT security controls within ICON and responsible for daily, weekly, monthly, quarterly and annual tasks outlined in the security Operations Runbook as required.
• Investigate cybersecurity incidents, perform technical analysis and RCA (root cause analysis).
• Perform forensics on an as needed basis.
• Respond and resolve cybersecurity incidents.
• Ability to work within a multi-disciplinary team.
• Active participation within the ICON Change Control process may be required periodically
• Respond and track security incidents within ticketing systems.
• Provide input into the patch management processes.
• Monitor security tools for security threats.
• Ensure critical assets are on boarded into security monitoring.
• Approve/Reject security requests within ticketing system based on risk assessment and Information security policy alignment.
• When required work to resolve vulnerabilities that are identified from vulnerability scans, penetration tests and other security assessments on ICON infrastructure.
• Ensure compliance with ICON Information Security policies and hardening standards.
• Ensure that defined security models are adhered to on an on-going basis.
• Be an escalation point for security incidents.
• Ability to leverage technical skills to correlate data to streamline analysis process
• Ability to relate technical issues to non-technical associates / business owners
• Participate in an on call roster
• Maintain a strong awareness of the current threat landscape.
• Create reports and visualizations of security attacks.
• Tracks trends for metrics and reporting.
• Other functions as assigned by ICON Cybersecurity Operations Manager.

What you need:

The ideal candidate will have a genuine passion for Information Security and the ability to maintain composure under pressure and work calmly during an emergency. They should also have a solid understanding in the following areas:

• SIEM and incident monitoring tools
• MITRE ATT&CK Framework
• SOAR (Security Orchestration Automation & Response)
• NIST cybersecurity framework
• Vulnerability Analysis
• Incident Response
• Information Security Standards
• EDR Solutions
• Anti-Virus & Anti Malware
• System Administration
• Application layer vulnerabilities
• Network Protocols
• Network Security
• Strong knowledge of Mobile Security (EMM, MAM)
• Firewall Administration
• Routers/Switches
• IDPS
• Web and Email Security
• Web Application Firewalls
• Load Balancing
• Strong Knowledge of Cloud Architecture
• Problem Solving & the ability to think on your feet under pressure
• Process Improvement

Qualifications & Experience:

• At least 5-7 years in a security analyst related role
• Bachelor's degree in computer science, programming, or other related program
• Certifications: GCIH, GCFA, GCIA