Associate Information Security Analyst
Company Name Raymour & Flanigan Furniture and Mattresses
Company Location Liverpool, New York, United States
This position is responsible for cybersecurity management:
Essential Job Functions:
- Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Remain up to date on trends and issues in the security industry, including current and emerging technologies.
- Maintain situational awareness of emerging cybersecurity threats, vulnerabilities, vendor patches, etc.
- Ensure all cybersecurity documentation meets internal Document Management requirements.
- Drive Compliance Management activities to ensure cybersecurity policies and standards are adhered to by performing assessments and collaborating with responsible team members.
- Develop, execute, and track the performance of security controls to protect information, network infrastructure and computer systems.
- Configure, troubleshoot, and maintain security infrastructure software and hardware.
- Develop scripts and code with security tools.
- Monitor systems for irregular behavior and set up preventive measures.
- Apply your analytical knowledge and understanding of vulnerabilities and attack vectors to proactively detect, analyze, and investigate malware, phishing, and other threats.
- Conduct investigations in response to policy violations and security incidents.
- Document and escalate incidents (including event's history, status, and potential impact for further action); recommend mitigations that will have immediate impact to the environment.
- Assist in Disaster Recovery and Business Continuity events.
- Perform after-action reviews of team products to ensure completion of analysis and recommend improvements.
- Communicate written and verbal information in a timely, clear, and concise manner.
- Participate in rotating "on-call" schedule with other members within the Information Security department.
- Performs other duties as assigned or necessitated by business, regulatory or emergency situations.
Requirements:
- Degree in Computer Science or related field, or a combination of education and work experience.
- One or more years' work experience as Associate Information Security Analyst or similar IT experience (i.e. Helpdesk, Systems or Network experience).
- One or more year's work experience working with operating systems such as Windows, MacOS, and Linux and the ability to perform basic functions at the command-line interface.
- Experience performing basic scripting tasks using PowerShell, Python, Perl, BASH, or other scripting languages.
- Experience collaborating with other business disciplines (IT and non-IT) to complete projects.
- Experience with creating and updating technical documentation.
- Experience working with security management tools and products.
- Knowledge of security systems including anti-virus applications, content filtering, firewalls, authentication systems and intrusion detection and notification systems.
- Strong and effective communications skills with the ability to distill down complex vulnerabilities to business impact to internal customers.
- A strong desire to learn new technologies and contribute to a fast-growing company.
- Must be comfortable managing daily tasks of the position as well as longer term projects.
- Possess personal ownership, drive, and urgency to keep moving things forward even in the face of ambiguity and imperfect knowledge.
Skills:
- Critical thinking skills and ability to solve complex problems.
- Demonstrable teamwork skills and resourcefulness.
- Comfortable working independently.
- An understanding of cybersecurity as it relates to the software development lifecycle.
- An understanding of networking concepts, protocols, and detailed knowledge of how networks function.
- An understanding of Azure Ad, on-prem Active Directory, and Group Policy.
- An understanding of Amazon Web Services, Google Private Cloud, Azure, and related technologies.
- An understanding of systems design and implementation.
- An understanding of common network, system, and application vulnerabilities.
- An understanding of security fundamentals.
- Demonstrates a history of self-improvement and skills enhancement.
