Cybersecurity Analyst - IT Security Services

Summary

The Cybersecurity Analyst is responsible for monitoring, analyzing, and responding to security alerts and events from CRD systems and users. Working with the Manager, Cybersecurity, the Analyst is responsible for the support and maintenance of technologies to uphold security operations of the CRD. The primary objective of the role is the analysis and categorization of alerts or other events, including ongoing maintenance and configuration of systems, policies, and tools, as well as assisting with supporting the design and integration of new technology focused tools and applications from a cybersecurity perspective.

Key Duties & Responsibilities

• Monitor the CRD technology landscape for security incidents, unusual activity, and events.
• Monitor security events and alerts utilizing security response tools such as EDR, SEIM, IDS/IPS, email security, user reports and others.
• Perform security investigations as required using threat intel sources.
• Perform post-event analysis of security incidents and create reports.
• Run vulnerabilities scans and report findings and work collaboratively with IT application and infrastructure teams to action vulnerability findings.
• Threat hunting activities as required using threat intel sources.
• Perform risk assessments and compliance reporting including cloud security.
• Performs penetration tests, TTE's and other red team exercises.
• Assists in development and promotion of security best practices.
• Installs and integrates security software and devices.
• Maintains and operates security software and devices.
• Participate in Incident Response and Disaster Response planning and testing.
• Work with other IT teams to ensure security systems are maintained and integrated.
• Conduct forensic analysis of security incidents as required.
• Follows all policies, procedures and standards of the CRD.
• Performs other related duties as required.

Additional Information

• None

Key Skills & Abilities

• Knowledge of security principles and best practices
• Familiarity with security tools and technologies such as: Security Information and Event Management (SIEM) systems, Intrusion Detection Systems (DIS), Intrusion Prevention Systems (IPS), firewalls, Endpoint Detection and Response (EDR) and Antivirus (AV) systems, Network Access Control (NAC) systems, Data Loss Prevention (DLP) systems, vulnerability scanners, firewalls, red team/penetration testing tools, and security education and awareness platforms.
• Knowledge of networking protocols and technologies
• Familiarity with operating systems such as Windows, Linux, and macOS
• Experience with virtualization technologies such as VMware or Hyper-V
• Familiarity with cloud computing platforms such as AWS or Azure
• Experience with scripting languages such as Python or PowerShell
• Familiarity with web application security concepts such as OWASP Top 10
• Familiarity with Cybersecurity Frameworks such as NIST, ISO27001/27002, etc.
• Strong assessment and problem-solving skills, including attention to detail, ability to research, analyze, interpret and summarize issues.
• Excellent verbal and written communication skills and ability to maintain good working relationships with professionalism, tact, confidentiality, and discretion.
• Ability to excel in a dynamic environment, including working under pressure with unpredictable variables and meeting deadlines.
• Willingness to learn and keep skill set current with the latest security trends and threats.
• Ability to occasionally adjust hours of work to respond to operational requirements.

Qualifications

Certifications