We are hiring an IT Security Analyst. The Security Analyst’s role is to keep keeping our organization’s proprietary and sensitive information secure. This individual works inter-departmentally to identify and correct flaws in the organization’s security systems, solutions, and programs while recommending specific measures that can improve the Company’s overall security posture.
The Security Analyst is responsible for ensuring that the organization’s digital assets are protected from unauthorized access. This includes securing both online and on-premise infrastructure, meticulously reviewing and understanding the metrics and data to filter out suspicious activity, finding and mitigating risks before incidents or breaches occur. If a breach does occur, the Security Analyst is the frontline, leading efforts to counter the attack.
Additional responsibilities include the generation of reports for IT teams and the organization in order to evaluate the efficacy of the security policies in place. They will then help to propose and make the necessary changes for a more secure network and create training programs and modules to educate employees and users on proper security protocols.
The Security Analyst must work collaboratively with the IT team, our holdings and parent company, and other 3rd party vendors, to ensure the organization’s security systems are up to date, documented, and implement plans and execute all security-related tasks, including incident response and disaster recovery plans.
- Monitor network traffic, security access, and networks for security issues.
- Conduct security assessments through vulnerability testing and risk analysis utilizing IT applications and open-source technologies.
- Validate environment controls to ensure systems are operating securely and data is protected from both internal and external attacks. Perform both internal and external security audits.
- Respond to security incidents and breaches to mitigate risk.
- Analyze and document security incidents or breaches to identify the root cause.
- Continuously update the organization’s incident response and disaster recovery plans.
- Verify the security of third-party vendors and collaborating with them to meet security requirements.
- Recommend and work with IT teams to implement / install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
- Remediate and test against detected vulnerabilities to maintain a high-security standard.
- Develop and train the organization on IT security best practices.
- Research security enhancements, stay up to date on IT security trends and brief IT teams, and make recommendations to management.
- Maintain documentation on setups, logging, client, server and networking equipment configurations and all policies/procedures.
- Create and maintain instructions for all routinely performed tasks. Document existing enterprise security systems configuration, processes, procedures and recommend improvements and/or alternatives.
- Maintain a broad knowledge of current and emerging security threats / risks, mitigating measures, initiatives, technologies and architectures.
- Perform other IT duties as assigned.
- BS/BA in Computer Science or equivalent experience
- Minimum 5 years in cybersecurity, network and corporate security, computer hardware and software, including the following areas:
- Security Information and Event Monitoring (SIEM).
- Host Intrusion Detection and Prevention Systems (HIDS/HIPS).
- Enterprise security controls.
- Security Orchestration and Automated Response.
- Incident Response Programs.
- Open-source and OTS cybersecurity toolsets.
- Microsoft and Linux platforms.
- Ability to troubleshoot through Open Systems Interconnection (OSI)Model:
- Network security monitoring, traffic analysis, packet capture.
- Network Access Control technologies.
- Transmission Control Protocol and the Internet Protocol (TCP/IP) networking and routing protocols.
- Implementing multi-factor authentication.
- Experience with the following technologies preferred:
- Data Loss Protection.
- Forensic Software Suites.
- Network Infrastructure.
- Virtualization Platform Security.
- Operating Systems Security.
- Access Management Security.
- Privileged Access Management.
- Certifications (or equivalents):
- System, Network and Data Security are preferred.
- Global Information Assurance Certification (GIAC) is preferred.
- SANS Cybersecurity preferred.
- Major desktop and server operating systems, applications, network and security protocols and monitoring tools, Microsoft products, Unix, Linux, and Mac operating environments; additional knowledge of all equipment listed throughout this job description is required.
- Ability to speak, read, and write English proficiently
- Good oral and written communication skills
Principals only. No recruiters please.
FUJIFILM Irvine Scientific is an equal opportunity employer. All qualified candidates will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran status, or any other characteristic protected by applicable federal, state, or local law.