IT Security Analyst I

Position Summary::
Protects company hardware, software, and networks from threats and cybercriminals. The analyst's primary role is to understand company IT infrastructure in detail, monitor prevention, detection, and response controls, and evaluate threats that could potentially breach the network. The security analyst continuously looks for ways to enhance company network security and protect its sensitive information.
:
Criteria:
Education/Experience:
B.S. degree in cybersecurity or: high school diploma/GED and two years of experience in a technical field. Professional certifications may be considered as a substitute for a portion of the experience requirement.

Skills/Abilities:
Good customer service and organizational skills required. Pays strong attention to details and is an excellent problem solver. Self-starter who is highly motivated and requires little supervision.

Certifications/Licenses:
GIAC Security Essentials (GSEC) within 18 months of employment.

Physical Demands:
The ability to operate a standard company vehicle. The ability to communicate by phone and in person. The ability to see and read printed material.

Work Environment:
Indoor office conditions with occasional fieldwork.

Driving:
Must have and maintain a valid Tennessee Class “D” license.

Telephone:
Must maintain an operating telephone and furnish the number to his/her supervisor.

Essential Functions: :

• Participate in the planning and design of enterprise security architecture

• Participate in the creation of enterprise security documents such as policies, standards, baselines, guidelines, and procedures

• Participate in the planning and design of business continuity and disaster recovery plans

• Keep current with emerging security products, services, and standards

• Conduct research on emerging security products, services, and standards

• Participate in risk assessments for new technologies and projects

• Assist with recommending security improvements, upgrades, and purchases

• Interact with vendors and outside security personnel to obtain protection, services, or advice

• Investigate security alerts from various technologies including endpoint protection, mail flow rules, firewall alerts, and other security controls solutions

• Maintain IT security documentation, risk registers, and knowledge base solutions

• Provide end user awareness and other social engineering training to employees to prevent security violations

• Assist with end user accounts, permissions, and access rights to all systems and data

• Assist with risk assessments, penetration testing, and other security audit activities

• Assist with incident investigations, security violations, and response activities

• Monitor server and firewall logs as well as network traffic for suspicious or unusual activity

• Ensure software has adequate security measures in place

• Participate in security-related tabletop exercises and response plans

• Assist with physical security controls including access control systems and cameras

• Assist with the preparation and delivery of technical presentations as needed

• Read technical journals or manuals and attend training and vendor seminars

• Perform additional duties as requested