YPO

IT Security Analyst

Job ID
2021-2024
# of Openings
1
Job Locations
US
Posted Date
2 months ago(5/27/2021 10:05 PM)

Overview

This role protects the confidentiality, integrity and availability of YPO information technology assets by minimizing security risks within the organization’s infrastructure. Fosters security awareness to help prevent unauthorized access and cyber-attacks from bad actors.

Responsibilities

• Monitor all information assets and promptly investigate identified vulnerabilities, alerts, unusual or unauthorized activity and incidents. Follow the IRP to escalate incidents to the Technology Operations Director as needed.
• Promptly resolve security related requests in the security queue.
• Participate in the full incident lifecycle as a member of the CSIRT.
• Assist with the creation and delivery of cyber security awareness training.
• Keep abreast of security trends, emerging cyber security threats, security tools, best practices and applicable compliance regulations.
• Participate in the selection of security tools and partners that improve security posture.
• Ensure all systems comply with applicable compliance regulations.
• Respond to member inquiries regarding YPO systems security.
• Perform routine security assessments, pen tests, vulnerability scans and account audits.
• Evaluate new security technologies and recommend those that provide value.
• Routinely document and validate purpose of all privileged accounts.
• Review the technical architecture of new projects for compliance with security standards.
• Conduct simulated events to evaluate and improve our awareness and response plan.
• Prepare detailed incident reports for all incidents.
• Perform audit analysis of accounts and processes for organizational changes, separated employees, role changes, inactive accounts etc.
• Work with vendors to provide security guidelines and ensure privacy standards are met.
• Assist with internal and 3rd party security audits.
• Maintain an information security risk register and track remediation efforts.
• Ensure security vendor SLAs are being met.
• 24/7 escalations response.

Qualifications

• Ability to validate security controls on multiple operating systems and applications.
• Ability to function within an Incident Response Team for preparation, training, detection, analysis, containment, remediation and incident closure.
• Experience working in a SOC or partnering with an MSSP.
• Differentiate phishing from spam, message headers and message tracing.
• Strong technical background in systems, data and network security best practices.
• Working knowledge of cloud infrastructure, virtual platforms, encryption technologies and endpoint protection.
• M365 governance and compliance.
• Excellent organizational, planning, and prioritizing skills.
• Knowledge of industry trending threats, security tools and best practices.
• Vulnerability scanning, security monitoring and SIEM tools.
• Ability to work within an environment of frequently changing priorities.
• Analytical, detail-oriented, problem solver.

 

EXPERIENCE/BACKGROUND
• 2 years hands on experience in a full-time information security role.
• Hands on experience with vulnerability assessment tools and penetration testing.
• Understanding of endpoint security, firewalls, SIEM, and IDPS concepts.
• Experience working in a SOC or partnering with an MSSP.
• Experience as a member of an incident response team.
• Forensics experience a plus.
• Globally diverse environment with 24/7 SOC.

 

EDUCATION/TRAINING/CERTIFICATION
• Bachelor’s Degree in Information Technology, Cyber Security, Computer Science or
equivalent work experience.
• Industry recognized certifications in information security with at least one obtained from ISACA, ISC2, GIAC, EC-Council, or CompTIA.

 

PHYSICAL REQUIREMENTS
• Ability to work flexible and/or extended hours as needed to accommodate members and team members in multiple time zones.
• Ability to work for extended hours at a computer screen.
• Willingness and ability to travel, domestically and internationally, without restrictions, approximately 5% per year.

EOE

YPO is an equal opportunity employer. YPO takes pride in supporting a diverse workforce and demonstrates this through its policies and practices. YPO does not discriminate in recruiting, hiring, training, promotion or other employment practices for reasons of race, color, religion, gender, national origin, age, sexual orientation, marital or veteran status, disability or any other legally protected status.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Connect With Us!

Not ready to apply? Connect with us for general consideration.