compensation and benefits packages,
Job Summary: The Security Analyst will collaborate with the IT operations architecture team, SRE team, development team, and QA team to ensure security controls are maintained, improved and monitored in a continuously changing technology environment. The Security Analyst will research and respond to security alerts and incidents to minimize the time from alert to remediation. This position contributes in the identification, analysis, evaluation, and adoption of security technologies.
KEY RESPONSIBILITIES INCLUDE, BUT ARE NOT LIMITED TO:
- Maintains security operations by performing or scheduling vulnerability scanning of servers, appliances and web applications. This includes performing web application penetration testing to find vulnerabilities
- Monitors threat intelligence information from various sources to enable rapid response and remediation
- Continuously tunes advanced malware solutions, web application firewall and endpoint security based on threats
- Responds, analyzes and remediates security incidents based on clear understanding of IOCs, monitoring for threats, and breaking down malware
- Works to identify issues at security integration points (WAF and source code scanning) prior to deployment in production.
- Supports security tools such as: SIEM, anti-virus and endpoint security, URL and application control, IDS/IPS, email filtering, and similar
- Works collaboratively with lines of business and IT to implement recommendations
- Manage the life cycle of all security technologies
- Audit internal processes and systems to ensure compliance and identify gaps
- Monitoring, impact analysis, and communication of vulnerabilities and fixes.
- Perform daily reviews of security logs and IDS/IPS logs.
- Complete periodic reviews of device and system changes as well as configuration to ensure compliance
- Review internet access and maintain secure web gateways for corporate users.
- Work with SREs and developers to resolve vulnerabilities and secure systems.
QUALIFICATIONS AND MINIMUM REQUIREMENTS:
- 4-year college degree in Information Security, Computer Science strongly preferred; a mix of education and experience may be considered
- Minimum of two years’ experience in information security and its application in an open source environment supporting software development and Internet services
- General understanding of application security architecture and secure development best practices
- Ability to communicate clearly and effectively with technical and business stakeholders
- Solid problem solving and analytical skills; able to quickly digest any issue/problem encountered and recommend an appropriate solution
- Demonstrated ability to integrate various security & data protection technologies and controls into a cohesive architecture that successfully mitigates risk to the company
- Deep technical understanding of and experience with security technologies including, but not limited to, intrusion detection/prevention, event correlation, firewall, antivirus, anti-spam, policy enforcement, patch/configuration management, audit, secure application development, etc.
- Thorough understanding of the security controls provided in common platforms and applications in the corporate environment including, but not limited to Unix, Linux, Windows, and database systems
- Familiarity with AWS and related security implications and control approaches.
- Self-motivated without the need for signification management oversight
- Experience with control frameworks & compliance mandates with significant exposure to the PCI DSS.
- Information Security Certifications: CISSP, CISA, OSCP
- Experience with agile methodologies and Scrum
- Project management experience
- Experience with Apache, PHP, Java, and Tomcat
- Experience with Cassandra, Oracle, Elastic Search, Splunk
- Experience with Cisco UCS, SAN, Fortinet firewalls, F5 ADCs
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Job performed at a desk in front of a computer.
- Requires heavy use of keyboard and mouse.
- Requires sitting for long periods of time.
- Casual work environment.
Kount offers excellent compensation and benefits packages.
Qualified candidates should submit resumes to firstname.lastname@example.org.
Kount is an Equal Opportunity Employer.