|Date Posted||January 11, 2020|
We have an exciting opportunity for a Cybersecurity Analyst position.
The Cyber Security Analyst plays an integral role in defining and assessing the organization's security strategy, architecture and practices. The Cybersecurity Analyst will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.
DUTIES AND RESPONSIBILITIES:
- Develop security standards, procedures, strategy plans, and roadmaps based on sound enterprise architecture practices.
- Determine baseline security configuration standards for operating systems, networking, encryption, data security, data classification, and identity and access management (IAM) assuring architectures meet security best practices that reduce risk and enhance security.
- Conduct security assessments of internal systems, applications and IT infrastructure; managing these systems in a security information and event management system as part of the overall risk management practice of the organization.
- Provide timely reporting of security related systems and events to various levels of management on a regular basis
- Work with internal teams (Compliance, Legal, HR, etc.) to understand their security requirements and incorporate into the overall Strategy and execution plans.
- Bachelor's or master's degree in computer science, information systems, cybersecurity or a related field
- A minimum of 7 years or more experience in a security related field with direct responsibility to manage security one or more of the following:
- Experience managing security infrastructure such as firewalls, IPSs, WAFs, endpoint protection, SIEM, and vulnerability management tools
- Documented experience and a strong working knowledge of the methodologies required to conduct threat-modeling exercises on new technologies and services
- Experience with the secure deployment of workloads into public cloud services (e.g., AWS, datacenters, SAAS, etc.)
Industry and Regulatory Experience (One of more of the following):
- Sarbanes-Oxley Act, and Japanese the variant
- General Data Protection Regulation (GDPR)
- Privacy Principles (best practices)
- International Organization for Standardization (ISO) 27001/2
- National Institute of Standards and Technology (NIST)
- Cybersecurity Framework (CSF)
- International Traffic in Arms Regulations (ITAR)
- IT Service Management (ITIL)
The ideal candidate will maintain one or more of the following certifications:
Nesco Resource is an equal employment opportunity employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or veteran status, or any other legally protected characteristics with respect to employment opportunities.