IT Security Analyst
Direct hire in Pittsburgh, PA
Ensures optimal security is in place for all externally facing security hardware/equipment/tools including firewalls, intrusion detection/prevention systems, and remote access environments
Responsible for working with various teams to ensure that the security of the infrastructure including the networks, servers, workstations and telecommunications systems meets adequate security and compliance
Reviews of infrastructure security components and provide recommendation’s for the enterprise as well as assist in the development of appropriate risk mitigation strategies.
Define the requirements for security technologies to include intrusion detection/prevention, application/data security, encryption, forensics, log analysis, authentication systems, identity management and access control.
Proactively identifies security problems monitors performance trends, performs upgrades and makes recommendations to security hardware and software as required
Manages security related project assignments and tasks by establishing project plans, schedules, and acts as coordination point for resources such as vendors, consultants, and team members
Responsible for assisting in development of security solutions, proposals, integrating new systems/designs, as well as creation of associated support processes and procedures
Monitors compliance with information security policies and procedures, referring problems to the appropriate department manager and advising the organization with current information about information security technologies and related threats.
Helps define policies for the administration of all computer security systems and their corresponding or associated software, including firewalls, intrusion detection systems, patch management, and anti-virus software.
Assesses and communicates all information security risks associated with interactions or practices performed by the firm, including those associated with the external third parties.
Manages and performs information security incident response, event correlation and investigation activities as needed or requested over information security incidents and/or breaches.
Design, functionality, implementation and ongoing support of the LAN, WAN, remote access, IDS/IPS, SIM/SEIM and firewall/unified threat management systems/tools/devices throughout the global enterprise. This may include system administration, troubleshooting, analysis, testing, research, training, problem solving, technical support, development, and testing/deployment of new applications, hardware, and systems.
Schedules and executes equipment repairs, preventive maintenance, and changes with minimal end user disruption per the guidelines of the Environmental Change Control Process
Performs periodic information risk assessments, conducts compliance monitoring activities and initiates reoccurring penetration testing
Assists with the design and implementation of disaster recovery and business continuity plans, procedures, audits, and enhancements.
Bachelor's degree in Computer Science, Business or Engineering; or equivalent work experience is required; CISSP certification or working toward CISSP certification desired.
Minimum of five years’ information systems experience, including at least one year of systems project management experience.
Experience with security policies and procedures, awareness programs and IT audits preferred. Background in applying advanced IT security concepts and extensive understanding of contemporary hardware and software architectures in a multi-site mission critical environment.
Must have understanding and working knowledge of operating system security, encryption technologies, forensics analysis, penetration testing and vulnerability/risk assessment.