Information Security Analyst - 2623
The Information Security Analyst will work with other Information Security personnel to properly secure KLC’s computing assets. This position leverages designated security standards to validate compliance, conduct vulnerability scanning, and assess new software for security concerns. Analysis occurs in various platforms, with an emphasis in cloud computing.
ESSENTIAL DUTIES AND RESPONSIBILITIES
- Designs the framework for securing the Azure environment.
- Conducts vulnerability and compliance scanning; generates reports outlining risk areas and compliance metrics; works with IT personnel to resolve open vulnerabilities.
- Advises and assists other departments regarding compensating control alternatives where security requirements cannot be met.
- Completes firewall reviews ensuring rulesets comply with security best practices.
- Performs user access reviews to validate separation of duties and least privilege concepts.
- Responds to enterprise event and alerting solutions.
- Assists user community with security concerns including, but not limited to system/application access, phishing attempts, or securing data.
- Assists management in implementing information security training and/or participating in periodic external security assessments.
- Maintains a current and leading-edge knowledge base of security topics, tools, and methodologies, and assesses potential utility and/or impact to the KLC.
- Performs other duties as assigned.
- Bachelor’s degree from an accredited college or university with a major in one of the computer sciences or in management information systems technology is required. In lieu of formal education, experience working in the information security field may be acceptable at the KLC’s discretion.
- Minimum of one – three years’ experience as an information security professional is required.
- Knowledge of, or experience working with Information Security frameworks, guidelines, and standards such as ISO, NIST, or CIS is required.
- Knowledge of Cloud networking architecture, cloud operations, security, automation, and orchestration are required. Experience securing Azure environment preferred.
- Experience in system patching and/or vulnerability management is required. Hands-on experience with Tenable.io is preferred.
- Working knowledge/experience of security principles within Windows and Linux Operating Systems is required. Knowledge of IBMi OS and hardware platforms is desired.
- Knowledge and experience with security logging and monitoring solutions is desired.
- Certification in a security-related area, such as CISA, CISM, or CISSP is desired.
- Strong written and verbal communication with technical and non-technical audiences required.
This position has no supervisory responsibilities.
- Office environment
- Travel – 5%
- Periodic on-call duty; implementations may require off-hours responsibilities.
- Standing or sitting: Continuously
- Moving: Occasionally
- Reaches, writing, fingering, typing: Continuously
- Talking and/hearing: Frequently
- Seeing: must be able to read reports and use a computer: Continuously
- Sit for long periods of time: Frequently
We offer a comprehensive employee benefits package including medical, dental, vision, wellness program, health savings account, flexible spending accounts, company paid life insurance, supplemental life insurance, company paid short-term and long-term disability, voluntary benefit plans, generous paid time off plans, retirement plans – including 401(k), 457(b), IRAs, and a money purchase retirement plan in which the company contributes a portion of your base pay.
- Interested candidates may send their resume and salary expectations to: email@example.com
- Please indicate “Position #2623” in the subject line of your e-mail.
- We will only contact candidates who match the qualifications for this role and who are selected for the next steps in the talent acquisition process.
Equal Employment Opportunity Employer