Lead Security Analyst Job Description Template
Our company is looking for a Lead Security Analyst to join our team.
Responsibilities:
- Conducts violation / vulnerability report review; coordinates IT risk mitigation;
- Performs vulnerability assessments; conducts compliance activities in response to internal and external audits;
- Learns new tools and technologies quickly including identity management and next generation firewall technologies;
- Assists IT Security Architect with IT security reviews and signoffs for new systems development projects;
- Keeps fully abreast of trends and changing technologies related to information security fields;
- Maintains / enforces security policies and standards;
- Assists with security assessments for potential business partners;
- Management & support of firewall/UTM infrastructure;
- Manages multiple priorities and follows a project plan to meet project deliverables;
- Executes security incident response procedures in accordance with threat levels;
- Advises project teams on security best practices;
- Assists with security scans (vulnerability scans, static/dynamic code scans) and remediation of findings;
- Investigates IT security violations, known vulnerabilities, and data breaches;
- Performs analysis of application security tool needs; contributes to design, integration, and installation of hardware/software;
- Manages security events, analyzes, troubleshoots, and corrects (either directly or indirectly) issue related to security incidents.
Requirements:
- Prior experience securing various operating systems in a corporate environment (i.e., Windows, Unix);
- Prior experience evaluating application vulnerabilities and recommending remediation;
- Self-motivated and independent learner;
- 8+ years’ experience in information technology;
- Proven ability to adjust quickly to shifting priorities, multiple demands, ambiguity and rapid change;
- Team player with excellent interpersonal skills;
- Familiarity with SIEM Solutions such as QRadar and Vulnerability management solutions such as Tenable Nessus;
- Recent direct experience in implementing security for applications, databases, and networks;
- Ability to communicate effectively in English, both written and verbal;
- Familiar with Agile development processes;
- Experience in various security tools such as MicroFocus, WebInspect and HP Fortify;
- Experience working with audit, compliance, operational risk, regulatory, and/or control functions;
- Ability to handle multiple projects;
- Experience with PCI/ISO27001;
- Experience with Next Generation Firewalls or UTM.