Or email your resume to [email protected]
Apply for this Job below or Call Us at 1-888-743-7782
Security Analyst – IT
IT Security Analyst
Fort Lauderdale, FL (On-Site)
The IT Security Analyst monitors and reports on security status using various security tools combined with analytic methods that correlate across systems to provide actionable information to IT and executive management on current status and emerging threats. The position also contributes to information security policy maintenance; assists with design of security policy education, training, and awareness activities; monitors compliance with company security policies, regulatory requirements, and applicable laws; coordinates assessment, investigation, and reporting of security incidents. The position performs network penetration tests, vulnerability assessment scans, risk assessment reviews to maintain HIPAA Security Rule and PCI compliance.
Education and Certifications:
- BA or BS in Computer Science, MIS or related field preferred (significant experience can offset education)
- Intermediate or advanced certification from (ISC)2, ISACA or GIAC, earned or eligible to earn
- Minimum of 1-3 or more years of progressive experience in enterprise computing and information security, including complex Internet, computing, network, data, information, facilities, and human capital management technology and security issues
- Security policy development, security education and awareness programs.
- Network penetration testing, vulnerability assessments (network, system, application and web).
- Risk assessment and analysis, and compliance testing.
- Administration of security, threat management and monitoring tools and toolkits.
Skills and Abilities:
- Microsoft operating systems, Active Directory
- Linux/Unix operating systems
- Centralized anti-malware protection and system hardening
- Cisco networking products (routers, switches, firewalls, UCS)
- Data extraction and analytics, Excel formulas and pivot tables, CSV file manipulation
- MS SQL, Oracle, Informix, and/or Postgresql
- Excellent communication (oral, written, presentation), interpersonal and consultative skills.
General Subject Knowledge:
- ITIL framework (change, incident, problem, configuration, asset, and service level management)
- Project management methodologies
- Information security standards and frameworks, rules and regulations related to information security and data protection (eg. HIPAA, PCI, NIST, ISO, COBIT, etc.);
- Principles for risk identification and analysis of desktops, servers, applications, databases, networks, and facilities.
IT Security skills:
- Secure application coding practices, IIS web technology
- Ethical hacking practices
- Remote access technology·
- Encryption best practices
- Security Incident and Event Management
- Intrusion detection and prevention
- File Integrity Monitoring
- Data loss prevention
- Computer forensic investigation practices
- VoIP security
- Responsible for administering risk management, threat management, and security monitoring tools.
- Monitor and consult on information security issues related to Company and 3rd party systems, and workflow to ensure security controls are appropriate and operating as intended.·
- Lead and oversee execution of IT security projects for the Company.
- Participate in internal HIPAA, PCI, ISO and HITRUST risk assessments.
- Coordinate and manage responses to information security incidents.
- Assist in the development of Information Security policies, procedures, standards and guidelines based on research, knowledge of best practices and compliance requirements.
- Conduct data classification assessment and security audits, and manage remediation plans.
- Perform security management functions by taking actions to mitigate risks, recommending security strategies, and ensuring controls are implemented and functional.
- Provide security governance by serving as oversight to ensure risks are adequately mitigated, and by aligning security strategies with business objectives and regulatory requirements.
- Interact with IT, Compliance, Facilities, HR and Operations management, legal counsel, safety and security, and law enforcement agencies to manage security vulnerabilities.
- Promote user security awareness.
- Conduct security research in keeping abreast of latest security issues, technologies, and trends.
- Prepare security documentation, including Company notifications and Intranet web content; contribute to Information Security Bulletin on Pulse community website
- Contribute to weekly Security dashboard and management report to include the Company risk register, threat detections, compliance gaps, vulnerability exposures, and remediation activity tracker.
- Conduct periodic client-specific and enterprise service continuity/recovery testing.
- Actively participate in security and information protection communities, groups, and networks.
- Participate in quality assurance, compliance and in-service and continuing education activities
SherlockTalent loves to share a $500 referral bonus!
"U.S. Citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time.