Security Analyst

Position Description

IT Security Analyst

Position Summary

The successful team member defines strategy for the team and leads the implementation of continuous security monitoring practices along with threat and vulnerability prevention runtime protection and response capabilities on cloud assets. Experience with modern software delivery infrastructure agile practices. Knowledge of Azure security a must. Subject matter expert on Azure cloud security technical risks and hardening methods for modern development practices such as infrastructure as code CI/CD pipeline hardening application security container security and infrastructure security. Understands the cloud shared responsibility security model and discerns security requirements for proactive defenses and runtime monitoring based on IaaS/PaaS/SaaS use cases.

Primary Duties and Responsibilities

• Plans implements and updates security measures and controls to protect an organizations computer systems networks and data from security breaches.
• Identifies and analyzes vulnerabilities and potential security breaches determines their root cause and rectifies security gaps.
• Investigates and appropriately responds to active alerts and security incidents.
• Collaborates with the security team to determine the best solution to detect and protect against vulnerabilities.
• Work collaboratively and cross functionally with the IT team and organization as a whole
• Monitoring
  1. Monitor the security of critical systems and SIEM infrastructure to ensure appropriate incidence response in line with administrative policies.
  2. Conduct routine social engineering tests and cleandesk audits to determine efficiency and optimization of the system and identify and mitigate security violations.
  3. Investigate potential or actual security violations on Microsoft Platform and help with remediation
  4. Monitors and review alerts Microsoft Sentinel SIEM
• Vulnerability Scanning and Management
  1. Perform periodic network endpoint hosts vulnerability scans
  2. Deploy weekly patches to various operating systems in the cooperate network.
  3. Participates in weekly team 24/7 schedule to support 24/7 needs of the department.
  4. Resets and configure two factor authentications for users
  5. Onboarding and offboarding of users on active directory.
• Strategy Development
  1. Research new developments in IT security to recommend develop and implement new security process documents standards procedures in line with the companys policies and security standards.
  2. Coordinate with third parties Vendors to perform vulnerability tests.
• Other Duties: Please note this job description is not designed to cover or contain a comprehensive listing of activities duties or responsibilities that are required of the employee for this job. Duties responsibilities and activities may change at any time with or without notice.

Core Competencies

• Confidentiality: This role may be privy to confidential and/or sensitive information. Must demonstrate integrity in maintaining confidential and sensitive information and strict adherence to organizational policies and procedures.
• Communication Proficiency: Uses friendly and proficient communication to interact with a wide range of people frequently exchanging information about IT operations.
• Time Management: Must manage their own time using an electronic calendar in an email program to set meetings to request others to attend and to coordinate their responses. Responds to requests for attendance at various meetings.
• Technical Capacity: Proficiency with many kinds of office equipment software and technology that is used or managed.
• Initiative and Proactivity: Correctly anticipates a need volunteers readily and acts without being told to do so. Brings new ideas to the company. Undertakes selfdevelopment activities; seeks increased responsibilities; takes calculated risks; looks for and takes advantage of opportunities; asks for and offers help when needed.
• Drive for Results: Is goaloriented; maintains focus on the objective.
• Problem Solving Personal Judgment: Identifies and resolves problems in a timely manner; gathers and analyzes information skillfully; develops alternative solutions; works well in group problemsolving situations; uses reason even when dealing with emotional topics. Solicits and applies feedback.
• Quality Management: Looks for ways to improve and promote quality; demonstrates accuracy and thoroughness. Does not cut corners; monitors work to ensure quality; applies feedback to improve performance.

Education and Experience

• 3 to 5 years experience in IT Security
• Minimum of 2 years experience working with Azure infrastructure cloud
• Bachelor Computer Science preferred
• Indepth knowledge and experience with Security and Compliance in Office 365
• In depth knowledge and experience working with
• Knowledge of Zscaler preferred

Work Environment

This position operates in a professional office environment and role routinely uses standard office equipment such as computers phones mobile devices photocopiers filing cabinets and fax machines.

Physical Requirements

While performing the functions of this job the employee is regularly required to sit; frequently required to talk and hear use hands and fingers to type scroll and use computer equipment. The employee is required to have close visual acuity to perform an activity such as: preparing and analyzing data and figures; transcribing; viewing a computer terminal; extensive reading; visual inspection of text/data in both print and electronic forms.

Ability to lift and move up to 25 pounds.

Position Type and Expected Hours of Work

This is a fulltime nonexempt position. This position performs its work on site at our New Braunfels TX office. After 90days some hybrid work may be allowed. Days/hours worked are dependent on the workload at the time. General availability and presence in the office is expected during regular business hours MondayFriday. However some flexibility is allowed. Occasional evening and weekend work may be required as job duties demand.

Travel

There is no major travel requirement for this position. However infrequent travel may be necessary to visit remote office(s) attend conferences/industry events etc. Attendance at our corporate Staff Retreat is required. This event is a 23day retreat. Attendance at our annual User Conference as assigned.