84 Lumber
IT Security Analyst
At a glance
Location: US-PA-Eighty Four Map
Posted: 06/20/2020
Closing: 07/19/2020
Degree: Not Specified
Type: Full-Time
Experience: Not Specified
84 Lumber
Job description

The Information Security Analyst will support the security policies, practices, procedures, and technologies in order to ensure the protection of networks, systems, applications, and data. This role will be looked to as an information security consultant within the organization, helping ensure corporate security controls are effective. This role will also be involved with day-to-day security operations by responding to security events of interest, recommending corrective action by working with IT and non-IT team members and coordinates the implementation of security services. 
  • Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as, and not limited to:
    • IPS/IDS alerts
    • application firewall alerts
    • malware alerts
    • change detection (FIM) alerts
    • rogue wireless network alerts
    • security system health alerts
    • exploit attempt alerts
  • Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to:
    • Payment Card Industry (PCI) Data Security Standard (DSS)
    • emerging state and Federal privacy laws
    • general security auditing
  • Participate in a vulnerability management program that includes:
    • external and internal vulnerability scans of applications and systems
    • external and internal penetration tests of applications and systems
    • documentation and remediation of identified vulnerabilities and exploits
    • routinely monitoring various communication avenues for security vulnerabilities and security patches
    • taking a risk-based approach comparing those security vulnerabilities and security patches across the operating environment
    • making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities
  • Coordinate with business units, operations, and technology teams for incident response, remediation, and improvement
  • Acts as the initial point of contact to facilitate the handling of security incidents and requests, conducts technical investigations resulting in successful root cause analysis of intrusions, and make real-time decisions about incidents as they occur
  • Completes audits of system security to ensure compliance with security policies
  • Evaluate security tools and processes in conjunction with the Director Information Security and the IT team. Recommend improvements to security tools, configurations, processes and policies
  • Conducts network monitoring and intrusion detection analysis using various tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), Firewalls, and SIEM
  • Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies 
  • Assist with the development and delivery of information security awareness training programs
  • Maintain documentation that supports the annual PCI compliance attestation
  • Provide subject matter expert consultation to 84 Lumber associates on cyber security matters
  • Knowledge of information security standards and the importance of information security ensuring ongoing mission critical business functions
  • Knowledge of Information risk concepts and principles, and relating business needs to security controls
  • Knowledge of the principles, practices, theories and concepts of information security related to network, workstations, servers, and applications
  • Bachelor's degree with 5-7 years of experience in IT with at least 3 years of related, relevant cyber security experience
  • Security+, SSCP, CISSP or similar certification highly desirable
  • Must be a team-oriented individual who works well with others and strives towards the group's overall success.
  • Self-starter with initiative and drive for continuous improvement.
  • Demonstrate strong organizational, research, analytical and/or problem-solving skills to evaluate situations, make recommendations and take effective action.
  • Capable of articulating complex technical concepts or scenarios to both technical and non-technical audiences

Job requirements
Required Skills
Required Experience
IT Security Analyst