Sr. Information Security Analyst

Job Summary

:
Responsible for reducing the impact of information security incidents and system compromises. They do so by leading our advanced security monitoring, incident / event investigation and analysis, leading roleplay tabletop events and helping to run "purple team" exercises, contributing to documentation and playbooks to ensure repeatable security-focused processes, taking the lead on security and data privacy assessments as well as coordinating the execution of recommendation for endpoints, servers, and network infrastructure. They are responsible for the detection and alerting on of indicators of compromise (IoC) as well as helping correlate the evidence of attack in alerts or monitoring, by hunting through data, systems and from review of investigation notes. This role is also responsible for leading and mentoring more junior security resources at the organization. Position has a moral and legal responsibility to uphold all local, state, and federal regulations especially in regards to security and data privacy.

Job Responsibilities:

• Lead security incident investigations and reporting according to the Incident Response Plan (IRP).

• Coordinate industry best practice security and data privacy assessments for all third party vendors, contractors, consultants, auditors, applications (both on premise and cloud) as well as system-to-system connections on our internal and customer-facing networks.

• Perform network and application penetration tests, vulnerability assessment scans, and patch management / vulnerability remediation strategy planning.

• Monitor and advise on information security and data privacy issues related to the systems and their related data flows while ensuring internal security controls are appropriate and operating as intended. Coordinate execution of approved mitigation plans.

• Conduct security and data privacy research in keeping abreast of latest information security as well as data privacy events, issues, and trends.

• Lead the assistance and support of user and security posture awareness for IT teams as well as key information security partners for our customer facing servers, networks, and applications.

• Act as the security investigative lead on any breach analysis activities to help discover root cause.

• Contribute to disaster and business continuity recovery planning as well as play a role in the execution should an event occur.

• Analyze and provide security model planning input for cloud (SaaS) access and monitoring. Including protection recommendations associated with IT architecture for cloud and hybridized computing. Help to coordinate execution of that model and strategy.

• Lead on support for compliance activities for SOX, PCI, CPNI, and data privacy regulations around PII, PHI, and financial data.

• Actively participate in red team / blue team engagements led by more senior team members or by select management approved security partners.

• Participate in threat modeling activities with more senior team members or with select management approved security partners.

• Primary role on supporting IT Security program initiatives and security tool implementations.

• Provide regular business intelligence via technical reports, meaningful metrics to management and to c-suite level audiences as required through tooling over time.

• Conduct quality assurance reviews of investigations and analysts' adherence to process as well as procedures.

• Develop industry best practice and modern security report templates, processes, and playbooks for other security team members and operational functions to execute on.

Qualification Requirements:

• Education: Four Year Degree in Computer Science, Networking Administration, or Cyber Security is required. Master's Degree in Cyber Security is preferred.

• Experience Level:

• 7-10 years of Information Security, Data Analytics or Security Operations experience is required.

• 5-7 years of Splunk or SIEM experience is required. 3-5 years of Security Analyst or Security Generalist is required.

• Seasoned experience in application, server, and network security is required.

• Experience in the event log monitoring of computer systems and SIEM enterprise security capability is required.

• Experience with and deep understanding of industry standard security frameworks (e.g., NIST, CIS, OWASP, Mitre Att&ck) and PII, PHI, CPNI, and PCI data handling requirements is required.

• Experience with SOX obligations and requirements is required.

• Experience in information security or data privacy investigative work is required.

• Experience with mobile device management (MDM) is required.

• Experience as a lead technical security resource on several small to mid-sized security initiatives is preferred.

Job Skills & Knowledge:
Skill Requirements:

• Ability to review reports and system activity logs to identify critical events, categorize according to priority, and escalate as appropriate.

• Capability to gather information, analyze and evaluate evidence, draw conclusions, and share that knowledge gained in an appropriate manner.

• Ability to absorb intelligence information about threats and threat actors to help mitigate harmful events for the organization.

• Ability to develop and analyze processes.

• Understanding of security measures and testing at an application level that aim to prevent data or code from being stolen, manipulated, or hijacked.

• Ability to identify detailed information risk and to apply governance compliance concepts and principles.

• Must have excellent verbal and written skills.

• Must be able to work effectively in a team environment.

• Excellent capability to develop and document security architecture, assessment, and plans. Including strategic, tactical, and project plans.

• Ability to lead development security policies, procedures, standards, and guidelines in alignment with industry best practices.

• Ability to work with a set of guidelines to help identify critical event data for additional analysis and escalation as appropriate.

Knowledge of:

• WSUS Management and Deployment, SCCM Package Building and Maintenance, Windows, Endpoint Protection and Compliance systems, Active Directory, Office 365, SIEM solutions.

• Penetration/vulnerability test suites and compliance regulations (SOX, PCI, etc.).

• Expert knowledge of Information Technology, security and data privacy fundamentals, and networking.

Certifications:

• CompTIA Network+ and Security+ Certifications required.

• Either a Computer Hacking Forensic Investigator (CHFI) or Certified Ethical Hacker (CEH) Certification required.

• Either a Certified Information Security Professional (CISSP) or NIST Cybersecurity Framework (NCSF) required. Both preferred.

Shentel provides a drug-free workplace and is an EEO employer. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex (including sexual orientation and gender identity), national origin, disability, or protected Veteran status.

If you require accommodation or assistance to complete the online application process, due to a medical condition or impairment, please contact a HR Representative at 540-984-5241 or  employment@emp.shentel.com . When you contact a HR Representative please identify the type of accommodation or assistance you are requesting. We will assist you promptly.

For technical issues with the website, please contact  employment@emp.shentel.com . EEO is the Law and Pay Transparency Other details Job Family IT Job Function Corporate Pay Type Salary Apply Now

---