Harvest Sherwood Hiring for IT Security Analyst Job at Remote Full Time

Job description

The IT Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals. In addition to working closely with IT and the Business, regular interaction with internal and external auditors, vendors, Legal, Privacy and Ethics is also required of the position.

Job Description

Strategy & Planning

• Participate in the planning and design of enterprise security architecture, under the direction of the IT Security Manager, where appropriate.
• Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Security Manager, where appropriate.

Acquisition & Deployment

• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
• Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
• Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.

Operational Management

• Responsible for working in a 24×7 Security Operation Center (SOC) environment
• Provide analysis and trending of security log data from a large number of heterogeneous security devices.
• Provide Incident Response (IR) support when analysis confirms actionable incident.
• Provide threat and vulnerability analysis as well as security advisory services
• Analyze and respond to previously undisclosed software and hardware vulnerabilities
• Investigate, document, and report on information security issues and emerging trends.
• The analyst performs monitoring, research, assessment and analysis on Intrusion Detection and Prevention tools as well as Anomaly Detection systems, Firewalls, Antivirus systems, proxy devices (ArcSight, Arbor PeakFlow, SourceFire, Palo Alto Networks, etc) which requires demonstrable security incident response experience
• Follow pre-defined actions to handle BAU and High severity issues including escalating to other support groups Execute daily adhoc tasks or lead small projects as needed
• Create and maintain operational reports for Key Performance Indicators and weekly and Monthly Metrics
• Perform initial risk assessment on new threats and vulnerabilities, perform assessment phase of Vulnerability and Threat Management process
• Perform assessment as well as troubleshooting and help isolate issues with IDS/IPS sensors, Antivirus servers, Vulnerability scanners
• Participate in daily and ad-hoc conference calls as well as compliance and controls, self-assessment processes and documentation related tasks
• Guide NOC group on patching the servers, computers in On-Premises and Cloud environments.
• Discover and implement best practices for security into Harvest Sherwood Infrastructure, Operations.
• Work with outside vendors in making Harvest Sherwood environment robust and secure.
• Conduct Phishing campaigns, Mitigate Email threats, recommend GPO policies for server, computers.

Position Requirements

Formal Education & Certification

• College diploma or university degree in Computer Science.
• One or more of the following certifications: Microsoft Certified Systems Administrator: Security

CISM
Certifications from (ISC)² are preferred CEH, CCNA.

Knowledge & Experience

• 3+ years working in the security and operations fields.
• Excellent knowledge of Intrusion Detection (deep TCP/IP knowledge, and Cyber security), various operating systems (Windows, Linux, UNIX, Mac), and web technologies (focusing on Internet security)
• Ability to read and understand packet level data Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc) Host Security Products (HIPS, AV, scanners, etc)
• Exposure on Vulnerability assessment as well as penetration testing, or forensic analysis fields are an advantage
• Extensive experience with Sentinel One EDR solutions, SIEM logging tools is a plus.
• Penetration Testing and/or know-how for hacking tools and ethical hacking is a plus.
• Knowledge of Office 365 Security Dashboards and Alert system.
• Experience with monitoring and implementing Phishing Tools.
• Strong understanding of Firewalls, Switches, Azure Security Framework

Personal Attributes

• Proven analytical and problem-solving abilities.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Good written, oral, and interpersonal communication skills.
• Ability to conduct research into IT security issues and products as required.
• Ability to present ideas in business-friendly and user-friendly language.
• Highly self-motivated and directed.
• Keen attention to detail.
• Team-oriented and skilled in working within a collaborative environment.

Work Conditions

• 40-hour on-site/remote work week with on-call availability for high impact operational implementations.
• Travel required on a needed basis to Harvest Sherwood locations.
• Sitting for extended periods of time.

Job Type: Full-time

Pay: $100,000.00 – $120,000.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Employee assistance program
• Flexible spending account
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Referral program
• Vision insurance

Schedule:

• 8 hour shift

Experience:

• Information security: 1 year (Preferred)

Work Location: Remote