Information Security Analyst

UFG is currently hiring for an Information Security Analyst who is responsible for the day-to-day operation monitoring and support of UFGs security tools systems and processes. This role helps ensure that access controls alerts configurations and security policies are consistently enforced across enterprise environments.

Working under the direction of security leadership and in collaboration with engineering and infrastructure teams the analyst helps manage user access provisioning log review patch tracking system baselines and audit readiness activities. This role is foundational to the organizations security operations helping to maintain compliance and reduce risk through diligent execution of established controls and procedures.

Essential Duties and Responsibilities:

Security Monitoring and Incident Response

• Regularly review and analyze security logs system alerts and network traffic to detect investigate and mitigate security threats and anomalies.
• Participate in the development implementation and refinement of incident response plans for rapid effective cybersecurity event management.
• Participate in the creation and implementation of high value detections unique to UFGs enterprise environment.
• Supports Information Technology team members with risk analysis of identified issues or events and perform investigations to uncover additional facts surrounding the event.
• Review analyze triage and respond to phishing submissions and alerts.
• Assist with risk assessments vulnerability scans and remediation efforts across infrastructure and applications.
• Participate in disaster recovery and business continuity planning and testing
• Operate as part of a 24/7 on call team responding to incidents and supporting the team as necessary.

Threat Intelligence Threat Analysis and Risk Mitigation

• Assist with conducting analysis of cyber threatsincluding malware phishing campaigns and other attack vectorsto identify patterns indicators of compromise (IOCs) and adversary tactics techniques and procedures (TTPs).
• Evaluate threat intelligence from diverse sources such as open-source intelligence tools (OSINT) and commercial feeds to identify relevant and actionable insights for the organization.
• Collaborate closely with business and IT personnel in a complex information technology environment to support proactive threat identification risk mitigation and incident response efforts.
• Stay current with and remain knowledgeable about new threats. Analyze attacker tactics techniques and procedures (TTPs) from security events across UFGs network of security devices and end-user systems.
• Monitor emerging security threats and identify vulnerabilities in current or proposed systems and processes.

Policy Development Metric Management and Compliance

• Participate in the development and enforcement of IT security policies standards procedures and compliance requirements.
• Assist with conducting security audits and risk assessments to identify gaps create unique solutions and implement essential controls.
• Assist with security audits to facilitate SOX compliance in coordination with both internal and external auditors
• Assist with automation or manually input data as necessary to track communicate monitor or improve the Information Security Teams metrics and reports.

Identity and Access Management

• Assist in the development of Identity Access Management standard operating procedures playbooks and runbooks.
• Collaborate with business and IT teams to identify gaps in and expand coverage of identity access management controls and capabilities.
• Assist application administrators with implementing access controls

Continuing education

• Monitor information technology industry tools and trends for new technologies and make recommendations on their impact to the organization.
• Attend regular training events and keep skills sharp in the security industry and with specific UFG products.
• Maintain awareness of new attack methods and how they intersect with UFGs security stack.

Job Specifications:

Education:

• Associates degree in information technology Computer Science Management Information Systems or equivalent combination of education and relevant enterprise-level experience.

Certifications/Designations:

• Industry related certifications (Such as MCSE CCNA ISC2 or any GIAC) preferred

Experience:

• 2 years of experience in IT.
• Working knowledge of PowerShell Python or C# preferred.

Working Conditions:

• General Office Environment
• This position may handle off-hour and emergency escalations.

Pay Transparency Statement:

UFG Insurance is committed to fair and equitable compensation practices. The base salary range for this position is $71598 - $94396 annually which represents the typical range for new hires in this role. Individual pay within this range will be determined based on a variety of factors including relevant experience education certifications skills internal equity geography and market data.

In addition to base salary UFG Insurance offers a comprehensive total rewards package that includes:

• Annual incentive compensation
• Medical dental vision & life insurance
• Accident critical Illness & short-term disability insurance
• Retirement plans with employer contributions
• Generous time-off program
• Programs designed to support the employee well-being and financial security.

This pay range disclosure is provided in accordance with applicable state and local pay transparency laws.

Required Experience:

IC