Security Analyst
Salary undisclosed
Apply on
Original
Simplified
Summary:
The Security Analyst will be responsible for managing and enhancing the security posture of the organization by ensuring compliance with GRC (Governance, Risk, and Compliance) requirements, implementing security frameworks, and continuously monitoring systems for vulnerabilities. This role involves hands-on technical work in securing both applications and networks, as well as developing and enforcing security policies across the group.
Key Responsibilities
- Oversee the implementation and maintenance of GRC frameworks and standards.
- Conduct regular risk assessments and audits to identify potential vulnerabilities and ensure compliance with industry regulations.
- Develop and implement effective remediation plans for identified risks.
- Implement and manage security frameworks such as ISO 27001, NIST Cybersecurity Framework, or CIS Controls and ensure adherence to industry best practices and regulatory requirements.
- Possess in-depth knowledge of security solutions (Zscaler, CrowdStrike, Rapid7), configure, manage, and troubleshoot these tools to protect the organization's IT infrastructure.
- Craft and implement security policies, standards, and procedures to guide the organization's security practices.
- Demonstrate hands-on technical experience in application and network security, including vulnerability assessment, penetration testing, and incident response.
- Implement and maintain endpoint security solutions, firewalls, and software updates.
- Install, configure, and maintain security software to protect data systems and networks.
- Simulate data loss scenarios to evaluate the effectiveness of existing recovery plans and make necessary adjustments.
Education and Experience
- Bachelor's degree (or equivalent) in information security, computer science, technology, or related fields.
- 5+ years of experience in cybersecurity at a midsize company. This experience should demonstrate:
- Deep knowledge of IT, including hardware, software, and networks.
- Extensive knowledge of security frameworks.
- Ability to identify and diagnose threats using critical thinking and analytical skills.
- Ability to develop effective procedures and plans through strong problem-solving skills.
- Strong oral and written communication skills to:
- Write reports.
- Train staff.
- Collaborate with other IT team members.
- Excellent organizational skills to create clear and easy-to-read reports.
- Knowledge of security solutions such as Zscalar, Crowdstrike, and Rapid7 is preferred.
- Ability to work successfully in both individual and team settings.
- Certifications such as CISSP, CISM, or CEH are a plus.
Similar Jobs