Information Technology Security Analyst

Specific Qualifications, Knowledge, and Skills:

Hands-on experience conducting vulnerability assessments using Tenable,

including scan configuration, interpretation of results, and remediation tracking.

• Proven ability to triage and respond to Information Security incidents, events, and related service tickets in a timely and professional manner.

• Practical knowledge in deploying, tuning, and supporting endpoint protection platforms such as CrowdStrike Falcon.

• Familiarity with enterprise SIEM platforms and forensic tools such as EnCase, with the ability to correlate logs and support investigative tasks.

• Proficiency in system administration for both Windows and Linux environments, including patching, configuration management, and baseline hardening.

• Working knowledge of key security frameworks including NIST SP 800-series and ISO/IEC 27001/27002, with an understanding of their practical application.

• Demonstrated experience in conducting system security reviews, risk assessments, and vulnerability or penetration testing activities in production or test environments.

• Strong foundational understanding of threat vectors, threat actor tactics, and system vulnerabilities across on-prem and cloud platforms.

• Experience working with and supporting a wide range of security tools and technologies related to endpoint, network, cloud, and log management.

• In-depth understanding of attack surface analysis and the impact of various exploitation techniques on business systems and infrastructure.

• Technical proficiency in areas such as Security Information and Event Management (SIEM), network protocols (TCP/IP, UDP, IPSEC, HTTP/S, routing protocols), malware analysis (infection paths, behavior), and system-level troubleshooting.

• knowledge of network security controls and technologies (proxy, firewall, IDS/IPS, router/switch, open-source information collection platforms), cryptography, Microsoft Active Directory.

• Proven competency in the use of MS Office applications (Word, Excel, PowerPoint, SharePoint, Teams)

• Strong work habits, time management and self-organization

• Excellent communication skills (verbal/written), including the ability to provide technical reports.

Required Licenses or Certifications:

One or more of the following certifications:

Certified Information Systems Security Professional (CISSP) (strongly preferred)

o CompTlA Security+ o GIAC Information Security Fundamentals

o Microsoft Certified Systems Administrator: Security

• Associate of (ISC)2

• ITIL and Project Management certification a plus.

Education & Experience:

Bachelor’s degree in computer science, information technology, business administration, engineering, or closely related field and five years of information technology experience

with a focus on IT Security, Risk Management, Data Protection or Compliance, OR an equivalent combination of education and experience.

• At least 4 years of systems security and administration experience.