IT Security Analyst - Centurion at Ampath

Purpose of Position:

The IT Security Analyst performs two core functions for the enterprise. The first is the day-to-day operations of the in-place security solutions while the second is the identification, investigation, and resolution of security breaches detected by those systems. Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability audits and assessments. The IT Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

Requirements:

Bachelor Degree in Information Technology, Computer Science, Management Information Systems or an advanced Technology-related Degree (Required), Industry recognized certification in IT Governance (Required), Industry recognized certification in IT Security (Required)

Required Experience:

6 – 8 years related experience., A good understanding of IT networking and access management concepts, Broad knowledge of a wide range of Information Technology systems and a deep understanding of the inherent security risks associated with these technologies, Experience in designing and delivering employee security awareness training, Experience in developing Business Continuity Plans and Disaster Recovery Plans, Experience in enterprise security architecture design, Experience in enterprise security document creation, Understanding of information security principles and best practice (e.g., ISO27001, ISF Standards of Good Practice for Information Security, CIS controls), Working technical knowledge of identity management solutions, Working technical knowledge of next generation firewalls

Key Responsibilities:

Maintain operational configurations of all in-place security solutions as per the established baselines., Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors., Monitor all in-place security solutions for efficient and appropriate operations., Participate in investigations into problematic activity., Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Security Manager, where appropriate., Participate in the design and execution of vulnerability assessments, penetration tests, and security audits., Participate in the planning and design of an enterprise business continuity plan and disaster recovery plan, under the direction of the IT Security Manager, where appropriate., Participate in the planning and design of enterprise security architecture, under the direction of the IT Security Manager, where appropriate., Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically., Provide on-call support for end users for all in-place security solutions., Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security., Review logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution.