Information Security Analyst Sr
CSG International, Omaha, NE
Essential Job Functions
- Coordinate and review analysts' work. Be a mentor and technical resource for junior members of the team. Work with Security Operations management to set priorities and execute the vision. Work closely with other shifts to coordinate incident hand-offs and communicate status.
- Perform log collection, correlation, review, archival, retention, and monitoring of automated alerts for items such as, but not limited to: IPS/IDS alerts, application firewall alerts, malware alerts, change detection (FIM) alerts, rogue wireless network alerts, security system health alerts, and exploit attempt alerts.
- Participate in and be an integral component of audit, compliance, and regulatory functions, including but not limited to: Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), ISO 27001, General Data Protection Regulation (GDPR), emerging state and federal privacy laws, and general security auditing.
- Participate in a vulnerability management program that includes: external and internal vulnerability scans of applications and systems; external and internal penetration tests of applications and systems; documenting and remediating identified vulnerabilities and exploits; routinely monitoring various communication avenues for security vulnerabilities and security patches; taking a risk-based approach to comparing those vulnerabilities and patches across the operating environment; and making recommendations to various IT teams on the mitigation process for the identified vulnerabilities.
- Participate in the organization's incident response plan and perform incident reporting on an as-needed basis.
- Support processes such as managing web browsing protections, web content filtering, and web site category white-listing/blacklisting; support automated encryption/decryption and secure file transfer of sensitive business process files; and manage internally generated SSL certificates as well as SSL certificates issued by a managed PKI vendor and the internal Certificate Authority.
- Must be able to work outside normal business hours when needed in order to perform diagnosis and/or implementation of product releases or changes so that normal business workflow is not interrupted.
- Regular and reliable attendance is required.
- Incumbent is accountable for professional working behavior, including: building and maintaining constructive working relationships, implementing proactive and concise communication, acting as a resource to colleagues, and engaging in collaborative thinking and problem solving while demonstrating CSG's core competencies and values.
- College degree in Computer Science, Information Security, or a related field, or equivalent experience.
- Experience with security monitoring, incident response, and incident management.
- Experience maintaining information security technologies such as: IDS/IPS, malware prevention, database activity monitoring, secure password repository, multi-factor authentication, SIEM, spam prevention, web content filtering, IdM/IAM, encryption and encryption key management, DLP, change detection, and vulnerability scanners.
- Qualified and successful candidates will have at least 3 years of experience working extensively within information security.
Knowledge, Skills and Abilities
- In-depth knowledge of TCP/IP: must be able to demonstrate technical understanding of all layers of the TCP/IP stack, including familiarity with major application-layer protocols such as HTTP, HTTPS, FTP, SFTP, FTPS, SMTP, and DNS; must be able to read and understand a packet trace; must be able to read and interpret network access control lists.
- In-depth knowledge of Windows and Linux operating systems, including understanding of the registry and config files, filesystems, file metadata, services and daemons, and file structures including common file headers.
- In-depth knowledge of dynamic and static malware analysis and malicious email analysis. Incident response and management fundamentals, including assessing risk and triaging event and alert data.
- In-depth understanding of a variety of system, network, and application attacks; examples include DoS/DDoS, buffer overflows, SQL injection, reconnaissance scanning, and the evasive methods attackers use to avoid detection. Must be able to demonstrate a minimum level of familiarity with well-known vulnerabilities and exploits.
- Working knowledge of IT security, compliance, and regulatory requirements, such as: Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), Health Insurance Portability and Accountability Act (HIPAA), ISO 27001, and General Data Protection Regulation (GDPR).
- Industry-recognized certifications (CEH, GSEC, GIAC, etc.).
| Date Posted | September 13, 2018 |
| Date Closes | October 13, 2018 |