Job Title: IT Security Analyst Senior
FLSA Status: Exempt
Department: Information Technology
Reports to: Manager of Information Technology
Flex Work Eligible! This position qualifies for the Flexible Work Policy. Employees receive 75 work days annually to work remote! The initial amount of days is prorated for the first year based on start date.
JOB DESCRIPTION:
This position will work with the Director of IT to monitor the network for security breaches and conduct investigations of violations. The analyst takes part in designing and implementing security protocols, applications, and processes designed to secure the company, data, and applications Loram utilizes. The role installs and maintains security software and/or systems including Access Control, segmentation, firewalls, MFA, remote access, spam, and web filters. Monitors for security-related events and ensures data is protected from unauthorized users. Produces security reports for management, security committee, and board. Assists technology services with device hardening, vulnerability remediation, and security violations. Regular testing including a review of processes and penetration testing will be used to review company compliance with the security roadmap that has been laid out.
KEY DUTIES AND RESPONSIBILITIES:
- Analyzes security logs to identify threat events; triage and respond accordingly to security incidents following internal security protocols.
- Configures security controls in all systems and IT infrastructure by policy, standards, and procedures.
- Tests network security controls; coordinating remediation efforts and closure of any identified issues.
- Acts as the first line of support for triage and remediation of support tickets related to security and tracks ongoing support issues.
- Stays current with IT security trends and standards through local special interest group involvement and monitoring online information sources.
- Stays current with released security features of internal IT systems and software.
- Maintains confidentiality and integrity in dealing with sensitive information systems and processes.
- Works with Infrastructure and Application teams to establish a Disaster Recovery solution and the testing of it.
- Works with facilities teams to ensure that physical security systems are operational and implemented correctly.
ESSENTIAL JOB FUNCTIONS:
Problem Solving and Decision Making
- Anticipate or recognize the existence of a problem.
- Commit to a solution promptly, and develop a realistic approach for implementing.
Critical and Analytical Thinking
- Possess sufficient logic, inductive, and deductive reasoning ability to perform the job successfully.
- Concludes from relevant and/or missing information.
Planning and Organizing
- Develop and execute security plans for all environments which include new functionality, migrations, and expansion.
- Ability to prioritize, approach work in a methodical manner; work concurrently on several tasks, plan, and schedule tasks so that work is completed on time.
Communication
- Express relevant information appropriately to individuals or groups considering the audience and the nature of the information.
- Create documentation of environment configuration and how each area should be supported.
Compliance
- Abide by a Code of Ethics for professional conduct. Follow governance, risk management, and compliance guidelines.
BEHAVIORAL COMPETENCIES:
- Values Based
- Action Oriented
- Creating a Service Reputation
- Problem Solving
- Technical Learning
REQUIRED QUALIFICATIONS:
Education: Bachelor's degree in information technology or related field.
Experience:
- 5+ years of information security experience including defining security programs within companies.
- Experience with the translation of penetration testing and security assessments preferred.
- Understanding of firewalls, network switches, proxies, SIEM, antivirus, and IDPS concepts.
- Good verbal & written communication skills.
- Able to work with very little supervision in a fast-paced environment.
- Facilitates administrator and end-user IT security training.
- Or 9+ years equivalent combination of education and applicable experience.
PREFERRED QUALIFICATIONS:
Knowledge, Skills, and Abilities:
- Microsoft Security Certification.
- Computer Hardware, Windows 10 OS, and other software support.
- Azure AD and broader Azure applications.
- PowerShell scripting, Power Platform applications (Power Apps, Power Automate), MS Intune, SCCM.
WORKING CONDITIONS:
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of the role. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Office deskwork, requiring sitting, walking, using phone & computer.
- May lift up to 30 lbs. occasionally.
- Ability to travel up to 10% including international travel.
Rev: January 2024
Loram is an Equal Opportunity Employer and will make all employment-related decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, marital status, familial status, status with regard to public assistance, membership or activity in a local commission, protected veteran status, or any other status protected by applicable law.