Cyber Security Analyst

Doral, FL, United States

Job Description



Direct Hire Full-Time Role

Salary Range: $80,000 - $100,000 per year

Location: Doral, FL - Remote Role

Summary:

As the Cyber Security Analyst/Security Engineer, your primary purpose is to lead security controls reviews on endpoints, network, email gateway, cloud infrastructure, etc., and guide tuning tools/hardening, ensuring compliance, including the daily operational monitoring and escalation of information security events and the examination of these events for context and criticality. This position is responsible for collecting and monitoring risk metrics from operational security controls such as vulnerability scanning, system patching, penetration testing, and other security event sources.

The successful candidate will be responsible for providing frontline cyber incident response services while managing projects to implement operational improvement initiatives. This position will help lead collaboration and ensure alignment with cybersecurity organizations located across multiple geographic sites and responsible for the comprehensive cyber defense of over 70 retail houses worldwide.

Essential Duties & Responsibilities:

Cyber Security Enhancements:

  • Manage Projects to implement new security solutions on time and within budget.
  • Design and Build new security solutions to improve the organization's security posture.
  • Reconfigure existing security platforms to reduce cyber security risk scores.
  • Apply security-related changes to firewall and network switches.
  • Apply security-related changes to web/hypervisor/SAN and related servers.
  • Recommends and participates in the analysis, evaluation, and development of enterprise long-term strategic and operating plans to ensure that the IT objectives are consistent with security best practices
  • Collaborates with all relevant parties to review the objectives and constraints of each solution and determine conformance with the existing network architecture standards. Recommends the most suitable technical architecture and defines the solution at a high level
  • Research new attack vectors and technologies to mitigate the potential threats
  • Reviews, develops, tests, and implements security plans, products, and control techniques.
  • Work with the Enterprise Services team to design security services and implement security architecture improvements.
  • Identify unsupported applications or otherwise insecure technologies and work on updating them or removing them from the network.

Incident Review and Mitigation:

  • Manage the Security Operations Center Team to monitor and improve an organization's security posture while preventing, detecting, analyzing, and responding to cybersecurity incidents.
  • Lead response and investigation efforts in data security incidents, provide an after-action report, and design corrective actions.
  • Coordinate communications with the PR team if public announcements are required.
  • Monitor for new vulnerabilities, identify risks, and lead mitigation efforts.
  • Ensure security patching is up to date - Collaborate with the Enterprise Services team as required for assistance.
  • Track operational metrics related to alerts, incidents, and vulnerabilities. Review incidents identified by the SOC and action as appropriate.

Policies and Procedures:

  • Review legal documents relating to Governance policies and lead discussions with the legal team. Advise the executive team on how new Cyber Security Laws will affect operations.
  • Create and update Security Policies and Procedures to include tactics, techniques, standard operating procedures, and security controls.
  • Enforce Cyber Security Policies across the organization, potentially including evidence if disciplinary action is deemed appropriate
  • Lead Cyber Security awareness training across the organization
  • Review system configurations for unapproved changes (i.e., additional access, firewall rules, etc.)
  • Partner with Internal Audit to ensure compliance with all company security controls
  • Partner with External Audit to ensure compliance with all financial security controls
  • Lead the Change Advisory Board, ensuring changes are not putting operations of the organization at risk of failures or security incidents

Knowledge, Skills & Abilities:

  • Strong knowledge of incident response and crisis management with the ability to identify both tactical and strategic solutions using strong verbal and written communication skills
  • Understanding of network, desktop, and server technologies, including experience with network intrusion methods, network containment, segregation techniques, and technologies
  • Cloud security knowledge and skills; securing cloud environments as well as detecting and responding to cyber security incidents in the cloud
  • Log (network, security, access, OS, application, etc.) analysis skills and experience identifying and investigating security incidents.
  • Strong knowledge of CheckPoint, Palo Alto, or Fortinet Firewalls
  • Experience rolling out BitLocker enterprise-wide
  • Strong knowledge of PAM, IPAM, and IAM Solutions
  • Knowledge of the Technologies and Products, including Web Proxy Filtering, EDR, and WAF
  • Excellent written/oral communication, interpersonal, and problem-solving skills
  • Able to thrive in both independent and collaborative work environments
  • Dedicated, innovative, and self-motivated team player
  • Able to effectively oversee multiple and concurrent projects/responsibilities
  • Ability to work flexible hours, days, and shifts
  • Ability to learn quickly and work independently with or without direct supervision
  • Ability to represent the IT Department professionally to clients
  • Ability to maintain a positive mental attitude in a highly flexible environment

Education and Experience:

  • Bachelor's degree in Information Technology or an accredited Security Certification Authority is required
  • Risk management experience
  • Ability to handle level 3 security issues
  • Knowledge of regulatory frameworks desired (e.g., PCI, SOX, GDPR, SSAE16, ISO 27001)
  • 5 years as a senior network administrator

Bayside Solutions, Inc. may collect your personal information during the position application process. Please reference Bayside Solutions, Inc.'s CCPA Privacy Policy at www.baysidesolutions.com.

Bayside Solutions


Job Detail

  • Job Id
    JD4292380
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    $80000 - 100000 per year
  • Employment Status
    Permanent
  • Job Location
    Doral, FL, United States
  • Education
    Not mentioned