Senior IT Security Analyst
County Hwy-3 Melville, New York 11747
Position: Senior IT Security Analyst
Location: Melville, NY
Must be able to interview and work onsite
Performs monitoring and support for information technology systems and services related to security, network, applications, and infrastructure operations. Trains analysts and may direct workload.
- Leads and manages the security incident escalation procedures to counteract potential threats and/or exploited vulnerabilities.
- Functions as a subject matter expert for Security Information Event Management (SIEM) technology. Directly monitors and analyzes events, along with responding to alerts and notifications.
- Analyzes threat intelligence data and indicators of compromise.
- Maintains knowledge of latest attack strategies and implements protection strategies.
- Investigates suspicious network and endpoint activity.
- Supports end-user security issues, including phishing, encryption and infected computer systems.
- Partners with information security engineers to implement and maintain security technologies.
- Participates in vulnerability management, including performing scans and coordinating remediation activities.
- Prepares system security reports by collecting, analyzing and summarizing data trends.
- Coordinates knowledge sharing with other analysts and develops solutions that minimize impact from security incidents. Documents and conforms to processes related to security monitoring.
- Reviews requests for security policy exceptions.
- Performs other operational support duties, as required.
- High School Diploma or equivalent, required. Knowledge of Computer Science or related field(s) typically acquired through the completion of a Bachelor’s Degree or equivalent technical security certification (e.g. CISM, CISSP), preferred.
- Minimum of five (5) years progressive related IT Security experience, required.
- Experience with some of the following security technologies: Firewalls, Next Gen Firewalls, Intrusion Prevention Systems, Intrusion Detection Systems, Content Filtering, Two-Factor Authentication, Email and Endpoint Encryption, Email and Endpoint Protection, Network Access Control, Web Application Firewalls, Data Loss Prevention, Netflow Monitoring, SIEM Solutions, DDoS, Active Directory / ADFS / Single Sign-On, Public Key Infrastructure / Certificate Services, required.