Information Security Analyst

　　Salt Lake City, Utah

　　The Information Security Analyst follows all processes and procedures necessary to ensure the security of computer systems, data, and networks from intentional or inadvertent access or destruction. This role participates in the information risk management program through oversight and administration of vulnerability scanning tools, data loss prevention tools and security testing and audit of defined controls. This role also provides technical and administrative support for all Information Security related systems, tasks and programs; assisting in determining the adequacy, efficiency, and effectiveness of all the internal information security measures; and interfacing with the user community to understand their security needs and implementing systems and procedures to accommodate them.

　　Duties and Responsibilities:

　　Utilize various security tools to perform security and vulnerability assessments of the internal, external and wireless networks including a SIEM

　　Build documented operational process and procedures to analyze, escalate, and assist in remediation of information security incidents

　　Manage an asset management system to monitor and ensure all devices are under configuration management, monitored and updated

　　Monitor e-mail alerts and web sites for available patches to OS or applications

　　Assist in testing of network security systems and changes to existing network security devices

　　Proactively identify potential threats and develop recommendations for corrective actions based on industry research and patterns identified within the network

　　Perform penetration testing across a wide variety of technologies to include:

　　Operating systems (Windows, Windows Server, UNIX, Linux, MacOS)

　　Web servers, applications and frameworks (i.e. IIS, WebLogic WebSphere)

　　Network devices (routers, switches, load balancers, VPNs, IDS, IPS, firewalls, etc.)

　　Application virtualization

　　Respond to after-hours high-risk incident alerts and escalation

　　Additional responsibilities as assigned

　　Qualifications:

　　Bachelor’s degree in a computer-related field (computer science, information systems) or equivalent experience

　　Cybersecurity-related certifications are a plus

　　2+ years of experience working in information security

　　5+ years of experience working in information technology

　　Knowledge of security frameworks (i.e. CIS Top 20, NIST Cybersecurity Framework, Cobit)

　　Experience with network penetration testing and techniques

　　Ability to work with minimal supervision, self-motivated and organized

　　Excellent interpersonal skills; works well with IT team members and end-users

　　Skill in building consensus among stakeholders and colleagues

　　Understand security operations concepts including perimeter defense, BYOD management, data loss protection, insider threat, kill chain analysis, risk assessment, and security metrics

　　Position Benefits:

　　Great yearly bonus program

　　Retirement programs – 401k and profit sharing with potential for 19% from the Company

　　Competitive Health Insurance- Medical, dental, Vision

　　Tuition Reimbursement

　　Disability Insurance

　　9/80 work schedule

　　PrincePerelson & Associates is an Equal Opportunity Employer and we do not discriminate against applicants due to race, color, religion, sex, national origin, age, disability, genetics, veteran status, or on the basis of disability or any other federal, state or local protected class. All applicants applying for U.S. job openings must be authorized to work in the United States.