The Information Technology department is responsible for resolution of vulnerabilities identified by Security Services. These vulnerabilities are created by application code scans, infrastructure vulnerability scans, manual security testing and other sources.
The IT Security Analyst role is responsible for assisting with these vulnerability resolution activities, including administrative tasks required, and in some cases leading the resolution activities. This role is also responsible for other tasks and initiatives including managing vulnerabilities, processing risk acceptances or extensions, activities related to creating IT Security metrics, and other and other activities as they arise.
Primary Duties and Responsibilities:
To perform this job successfully, an individual must be able to perform each primary duty satisfactorily.
• Work with Security Product Team Lead administer and manage the Product Team as well as the vulnerability management program, including documentation gathering, data gathering and analysis, development of training and other materials, and other tasks.
• Facilitate communication with IT subject matter experts on security related issues, including gathering and obtaining agreement on requirements and tasks necessary to resolve specific vulnerabilities.
• Assist with the development and advancement of key risk indicators
• Analyze and verify information obtained from IT and Security areas for risk reporting and other purposes. Create metrics based on this information for management reporting.
• Participate in the Security Product team meetings, Patching and Vulnerability Management meetings, Cyber Security Working Group meetings, and other meetings as appropriate
• Understand OCC’s Risk Management Framework (RMF) and improve / monitor key risk indicators to support management and board-level reporting and decision-making
• Assist in identifying or developing tools or methods to track and monitor risk
• Support management with special projects and other duties as assigned
The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.
• Basic IT knowledge including networking, Linux and Windows server configuration, application development and related topics.
• Basic knowledge of cloud infrastructure, virtual platforms, encryption technologies, endpoint protection, network systems such as routers, firewalls, load balancers, mail transport systems and cyber security.
• Willingness to build, maintain, and foster relationships with assigned business functions (Security, IT, Enterprise Risk Management etc.)
• Excellent written, verbal and presentation skills, ability and desire to work directly with senior management
• Proficient in designing and producing high quality reports and presentations
• Strong team orientation and ability to collaborate effectively in department and cross-departmental efforts
• Ability to translate technical security information into risk management deliverables that will be consumed by management
• Self-starter, who is organized, can multi-task and manage time effectively
• Proficient in Microsoft Excel, including experience using lookups, pivot tables and macros preferred
• Proficient in Microsoft Word and PowerPoint
• Basic general IT and security knowledge:
o Basic knowledge of Linux operating systems
o Basic knowledge of Windows server and desktop operating systems
o Basic knowledge of Cisco switches and routers
o Basic knowledge of firewall and intrusion detection systems
o Basic understanding of data loss prevention, threat protection and anti-malware tools
o Basic knowledge of Amazon Web Services (AWS)
o Vulnerability assessment tools (Qualys, nmap, etc.)
o Operating system hardening procedures (Linux, Windows, etc.)
o Network sniffers and packet tracing tools (Ethereal and tcpdump).
o Encryption technologies (PGP, PKI and X.509)
o Directory services, LDAP, and their inherent security (Active Directory, CA Directory).
o Proxy and caching services.
Education and/or Experience:
• Bachelor’s degree in Computer Science, Engineering, or other related field.
• Hands-on IT or security operations experience
• Basic knowledge of threat actor capabilities, intentions, methodologies and motives.
• Familiarity with computer network exploitation and network attack methodologies.
• Industry knowledge of security technologies and methods
Certificates or Licenses:
• Be willing to complete a certification in first 12 months in the role (CISSP, CompTIA Security+, MCSE, CCNA)