Information Technology - Information Security Analyst
POSITION PROFILE: Information Security Analyst
REPORTS TO: Director of Technology Infrastructure
STATUS: Full-Time, Exempt
JOB SUMMARY: We are seeking an Information Security Analyst to be a lead point of contact for cybersecurity initiatives throughout our organization. This person will regularly update our data security policies, procedures, and technology to keep up with industry best practices and regulatory requirements including NIST, PCI, HIPAA, etc. They will also perform routine security related tasks such as reviewing alerts from our MSP, reviewing vulnerability scan/pen test results, and advise other technology subject matter experts on where changes or patches may be needed. Additionally, they will administer our 3rd party management information security program to ensure compliance by our vendors and partners. We require someone with great organizational skills and a passion for being at the forefront of cybersecurity.
Strategy & Planning
- Maintain and update the enterprise’s security awareness training program.
- Create and maintain the enterprise’s security documents (policies, standards, baselines, guidelines, and procedures).
- Create and maintain the enterprise’s compliance and risk management platform, including management of third-party vendors.
- Create and maintain the enterprise’s Business Continuity Plan and Disaster Recovery Plan, where appropriate.
- Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise’s existing procurement processes.
- Oversee the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
- Monitor security update and patching processes to ensure functionality and completeness.
- Ensure the enforcement of enterprise security documents.
- Perform investigations into problematic activity and provide on-going communication with senior management.
- Supervise the design and execution of vulnerability assessments, penetration tests and security audits.
- Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents.
- Bachelor’s degree from a four-year college or university or equivalent work experience.
- Proficient in Microsoft security and identity solutions.
- One or more of the following certifications preferred:
- GIAC Security Essentials Certification
- Microsoft Certified: Security, Compliance, and Identity Fundamentals
- (ISC)2 CISSP
- Three or more years of relevant experience.
- Experience in enterprise security document creation.
- Experience in designing and delivering employee security awareness training.
- Experience in developing Business Continuity Plans and Disaster Recovery Plans.
- Strong understanding of IP, TCP/IP, and other network administration protocols.
- Familiarity with Cisco security products such as Firepower, Cisco Secure Endpoint, and Umbrella.
- Light office duties and activities
- Mobility to walk Stadium, climb ladders, and enter confined spaces.
- Problem Solving-Identifies and resolves problems in a timely manner; gather and analyze information skillfully.
- Technical Skills-Assesses own strengths and weaknesses; pursues training and development opportunities. Strives to continuously build knowledge and skills. Share skills with others and recognizes training opportunities for staff.
- Judgment-Displays willingness to make decisions and exhibits sound and accurate judgment. Includes appropriate people in decision making process.
- Motivation-Demonstrates excellent personal motivation and encourages others to be motivated and enthusiastic. Shows persistence and overcomes obstacles. Takes calculated risks to accomplish goals.
- Oral Communications-Speaks clearly and persuasively in positive or negative situations; listens and gets clarification.
- Written Communications- Writes clearly and informatively.
- Job Family Information Technology
- Pay Type Salary
- Kansas City, MO, USA