The Information Security Analyst reports to the IS Security Manager in our DTLA campus. The Information Security Analyst role includes both operational and planning aspects. The operational functions are the day-to-day operations of the in-place security solutions and the identification, investigation and resolution of security events detected by those systems as well as conduct of audits and assessments. The planning functions include involvement in the implementation of security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures. The Information Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals and refining those policies, procedures and guidelines where appropriate.
 
Responsibilities
 
Strategy & Planning

• Participate in the implementation of enterprise security architecture, under the direction of the IT Security Manager, where appropriate.

• Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the IT Security Manager, where appropriate.

• Participate in the implementation and audit of secure software development policies, standards, baselines, guidelines and procedures under the direction of the IT Security Manager, where appropriate.

• Participate in the implementation of Business Continuity and Disaster Recovery Plans, under the direction of the IT Security Manager, where appropriate.
 
Acquisition & Deployment

• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.

• Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.

• Perform integration and enhancement of existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
 
Operational Management

• Maintain up-to-date baselines for the secure configuration and operations of in-place devices, whether they be under infosec’s control (i.e., security tools) or under IT/Other control (i.e., workstations, servers, network or lab devices, etc.).

• Maintain operational configurations of all in-place security solutions as per the established baselines.

• Monitor all in-place security solutions for efficient and appropriate operations.

• Review logs and reports of all in-place devices, whether they be under infosec’s control (i.e., security tools) or under IT/Other control (i.e., workstations, servers, network or lab devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.

• Participate in investigations into problematic activity.

• Participate in the design and execution of vulnerability assessments, penetration tests and security audits.

• Provide on-call support for in-place security solutions.

 

Position Requirements
 
Formal Education & Certification

• College diploma or university degree in the field of computer science or 3 years equivalent work experience.

• InfoSec certification or 2 years information security work experience.
 
Knowledge & Experience

• Familiarity with Wireshark, IPS/IDS and network scanning tools.

• Familiarity with a common SIM solution or Splunk or ElasticStack.

• Familiarity with vulnerability assessment tools.

• Experience writing or auditing firewall rules in at least one common firewall (Cisco, IPTables, pf, JunOS, etc.)

• Good understanding of TCP/IP.

• Working technical knowledge of wireless networking technologies.

• Familiarity with computer architecture fundamentals – cpus, interrupts, memory protection, storage architecture, virtualization, etc..

• Familiarity with cloud technologies and paradigms such as AWS.

• Experience solving operational problems in at least one scripting language preferred (Python, Ruby, bash, Powershell, VBScript, etc..

• Strong understanding of discretionary access controls.

• Experience with Windows and Linux operating systems, common services and logs (syslog, EventLog). Familiarity with MacOS, Apple technologies.

• Solid understanding of web application architecture or multi-tier application architecture.

• Familiarity with authentication technologies such as HTTP basic auth, NTLM, Kerberos, LDAP or RADIUS. Knowledge of multi-factor authentication, smart cards, OTP, etc..

• Familiarity with encryption technologies and products such as BitLocker, PGP, FileVault, or encfs.

• Familiarity with Windows Group Policy and Security Configuration Management.

• Familiarity with OWASP Top 10

• Knowledge of CIS Benchmarks and other baselines.

• Familiarity with CVEs and vulnerability management.
 
Personal Attributes

• Proven analytical and problem-solving abilities.

• Ability to effectively prioritize and execute tasks.

• Good written, oral, and interpersonal communication skills.

• Ability to conduct research into security issues and products as required.

• Able to quickly get up to speed on an unfamiliar protocol or technology as needed.

• Highly self-motivated and directed.

• Keen attention to detail.

• Team-oriented and skilled in working within a collaborative environment.
 
Work Conditions
• 40-hour on-site work week with on-call availability.

• Up to 20% travel required.

• Sitting for extended periods of time.

• Sufficient dexterity of hands and fingers to efficiently operate a computer keyboard, mouse, and other computer components.

• Lifting and transporting of moderately heavy objects, such as computers and peripherals.