Wednesday, September 02, 2015

Security Jobs: Senior IT Security Analyst, Sacramento, CA, Relocation Available

Senior IT Security Analyst
Status: Newly Created Position
Location: Sacramento, CA
Relocation: Some
Compensation: $100,000+

has been engaged to build an Information Security and IT Risk Management team. This role contributes to the overall Information Systems Risk Management Program. The Senior IT Security Analyst analyzes and assesses vulnerabilities in the infrastructure (software, hardware, networks), investigates available tools and countermeasures to remedy the detected vulnerabilities, and recommends solutions and best practices. This position is responsible for analyzing and assessing damage to the data/infrastructure as a result of security incidents, examining available recovery tools and processes, and recommending solutions. The Senior IT Security Analyst will also test for compliance with security policies and procedures, as well as assist in the creation, implementation, and/or management of security solutions as needed.
  • This position is part of a 24x7 on-call rotation for Incident Response.

Essential Duties & Responsibilities

  • Performs log analysis and defines security filters and rules for implementation within the Security Information and Event Management (SIEM).
  • Gathers and distributes technical information pertaining to new security threats and vulnerability trends.
  • Confirms that all monitoring and activity reports scheduled to run have successfully completed.
  • Executes daily operational checklists and tasks such as: log analysis and review; vulnerability management activities; management reporting; alert analysis; adding, modifying and deleting filters; verifying that escalation follow-up activities have been accomplished; investigating suspicious security event activity; maintaining and enforcing adherence to standards, policies and procedures; verifying correct security feed settings; and more.
  • Understand the latest security information in order to validate the security analysis and identification capabilities of the monitoring technologies.
  • Understand security device outputs and functions; primarily firewall, IDS/IPS, router, switch, etc. for device vulnerabilities or security issues.
  • Research and understand the currently published vulnerabilities of enterprise hardware, operating systems, and applications.
  • Act as a lead for Information Security assessments and recommend appropriate and cost-effective controls to address identified security-related risks.
  • Serve as a lead in the development and implementation of application and infrastructure security programs.
  • Serve as a lead in the development and implementation of user account security.
  • Guide and mentor junior members of the team.

  • US Citizenship with the ability to obtain government clearance.
  • BA/BS in Computer Science, Information Security or other related field preferred. 
  • An industry recognized information security certification, such as a CISSP (or Associate), SSCP, CEH, or equivalent
  • At least one technical certification related to a major platform (IBM, Microsoft or Cisco)
  • Minimum five years Information Technology and/or network experience that includes a minimum of three years Information Security related experience. 
  • Minimum one year supervisory or team lead experience.
  • Ability to clearly communicate Information Security matters to executives, auditors, end users, and engineers, using appropriate language, examples, and tone.
  • Ability to work outside of regular business hours as required which can include evenings, weekends and holidays.
  • Working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling).
  • Hands-on security knowledge of one or more of the following platforms: Windows / Unix / Linux.
  • Strong analytical, technical, and problem-solving skills.
  • Experience with DNS, NTP and Citrix, TACACS, IDS, IPS and various SIEMs.
  • Working knowledge of protocols and technologies such as TCP, UDP, SSL, FTP, SMTP, NetBIOS and DHCP.
  • Working knowledge of HTML, CSS, JavaScript and WML.
  • Ability to interpret information security data and processes to identify potential compliance issues.
  • Ability to quickly understand security systems in order to identify and validate security requirements.
  • Excellent interpersonal, organizational and technical writing skills.
  • Ability to be a self-starter who is accountable, requires minimal supervision and is open to new ideas.
  • Ability to work in a large, dynamic and complex organization, requiring creativity and flexibility.
  • Possess the personal characteristics of professionalism, credibility, commitment to high standards, innovation, discriminating judgment and accountability.
  • Excellent leadership skills and teamwork skills.

Apply On Line:'s Security Recruiter Blog