Job Description
How will your role impact First Command?
An Analyst is an entry level Information Security position that will primarily focus on assisting others with identifying information security requirements, threats and vulnerabilities. They will be tasked with working with Senior Engineers to ensure that policies are being followed and to perform investigations when a violation is identified.
What will you be doing?
- Assist in conducting Vendor reviews
- Investigate Data Loss Prevention (DLP) alerts and recommend appropriate actions based on findings
- Assist in conducting computer forensics as needed
- Remain current on information technologies and apply those innovations in the company’s security standards and best practices
- Collaborate with other teams to complete production support tickets
- Track, analyze, and report on key Cybersecurity metrics
- Identify, assess, review, and categorize SIEM and other security alerts including User and Entity Behavioral Analytics (UEBA)
- Conducts security reviews, evaluations, risk assessments, and develops recommendations for improvements as appropriate
- Manage and improve information security documentation as required
- Assist in managing the Identity and Access Management program
- Maintains a focus on continued personal development
- Provides support to the Agile Release Trains (ART) and members of the teams in all aspects related to Info sec
- Partners with others to conduct periodic phishing training and when needed, evaluates e-mails to determine their authenticity
- Collaborate with team members as well as other business functions, business partners, management, vendors, and external parties for information gathering and best practice recommendations
What skills/qualifications do you need?
Education
- Bachelor’s Degree in Computer Science, Information Technology, an Engineering related field, or equivalent experience
Work Experience
- A minimum of 2 years of experience preferred
Certifications
- CompTIA Security+ preferred but must be obtained within 6 months of hire.
Required Knowledge, Skills And Abilities
- Possess strong analytical skills
- Must be a self-starter and comfortable with self-directed learning on industry risks and changes
- Must be able to perform risk analysis on projects and provide recommendation to mitigate risk
- Good oral and written communication skills
- Ability to speak confidently when dealing with internal constituents
- Diligence in producing and maintaining documentation and evidence, especially for compliance activities
- Basic knowledge of ISO, NIST, and other information security standards, laws, and regulations
- Identifying complex problems and reviewing related information to develop and evaluate options and implement solutions
- Build domain knowledge of our environment to understand long-term risk areas that will develop as the systems evolve
- Identify industry security standards for practical security operations, network operations, and application development practices
- Analyze business impact and exposure, based on emerging security threats, vulnerabilities, and risks
- Basic scripting or coding skills preferred