IT Security Analyst Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the it security analyst job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.

USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.

SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Create a Resume in Minutes

J Lind

Justice

Lind

324 Jaskolski Forest

Chicago

+1 (555) 579 8603

324 Jaskolski Forest

Chicago

Phone

p +1 (555) 579 8603

Experience Experience

Los Angeles, CA

IT Security Analyst

Los Angeles, CA

Reichel, Rippin and Mosciski

Los Angeles, CA

IT Security Analyst

Develop a working relationship with personnel and a comprehensive working knowledge of our clients Security system
Assists in developing an overall change management strategy for Cloud Operations
Assist with identifying improvement opportunities for internal processes managed by the Security & Compliance Team,
Manage work distribution between incident, requests, and project work
Knowledge of security technologies such as Malware, Network Intrusion Prevention, Security Information Event Management systems
Provides networking and information security services for internal and external network infrastructure
Assist in the development and improvement of the Incident Response policy and process

Dallas, TX

Lead IT Security Analyst

Dallas, TX

Stiedemann and Sons

Dallas, TX

Lead IT Security Analyst

Assists in Continual Service Improvement efforts by identifying opportunities for process improvement. Drives some process improvement efforts
Assist in performing risk assessments and penetration testing of internally- and commercially-developed applications (web, desktop, and mobile) systems
Perform maintenance of identity and access management workflows
Create and assist in ensuring adherence to CHI network and security installation standards and the maintenance of all associated documentation
Perform MAR testing and assist process and control owners to perform their own self testing
Manage workload, prioritizing tasks and documenting time, and other duties as directed by management
Assist with the maintenance of identity and access management workflows

present

Philadelphia, PA

Senior IT Security Analyst

Philadelphia, PA

Klein-Goodwin

present

Philadelphia, PA

Senior IT Security Analyst

present

Reviews work performed by other analysts and provides recommendations for improvement
Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
Detailed security knowledge including technologies such as Malware, Network Intrusion Prevention, Security Information Event Management systems
Provide assistance to other security teams when requested or may perform other duties in special projects as assigned
Proficiency in Active Directory Management and network security
Establish and manage overall project plans for small to medium size efforts
Conduct quality assurance (QA) on work performed within the team

Education Education

Bachelor’s Degree in Computer Science

Texas A&M University

Bachelor’s Degree in Computer Science

Skills Skills

Knowledge and experience with vulnerability scanning solutions such as Qualys, Rapid7, Nexpose, and Tenable Nessus
A commitment to quality, attention to detail and up to date knowledge of relevant technologies is essential
Expected to design, install, configure and maintain applications and hardware in a highly available and scalable environment
Basic knowledge of databases and SQL queries
Ability to identify actionable indicators of compromise based upon analysis of malware of forensic data
Knowledge of the CVE vulnerabilities library, vulnerability and risk assessment
Demonstrated knowledge and understanding of IT security trends and emerging technologies and an ability to relate them to Stanford and its objectives
Excellent work ethic, self-starter, strong interpersonal skills
Self-motivated with excellent organizational skills and attention to detail
Business savvy including the ability to see the big picture and the ability to effectively influence others

Create a Resume in Minutes

15 IT Security Analyst resume templates

Read our complete resume writing guides

Lead IT Security Analyst Resume Examples & Samples

10-12 years of Information Technology experience at least six of which were in a security related area
4-5 years of experience in network administration
3-4 years in Team technical leadership and project management and 3-4 years team management
Strong work ethic; ability to work independent of direct supervision;Must be a team player, drawing energy and drive in working with others (collaborative)
Detail oriented and analytical; organized (meticulous with regard to documentation and change management activities)
Strong verbal and written communication
Experience in leading technical teams
Provided team performance reviews and set goals based on a longer term roadmap for individual SMEs
Strong Project management Skills
Experience managing firewall /IPX /IDX / Load balancer / Network equipment / WAN Optimization
Setting up VPN, Wireless
Experience with Palo Alto firewalls, SIEM technology and Splunk security log management, cloud security, server virtualization hardening
Functional understanding of overall computing environment (Network, Operating Systems, Client Platforms, Firewalls, Cloud)
Cloud management
Experience with working with internal Audit
Experience working with information security function in relations with enforcing security policies
Experience working with compliance function

IT Security Analyst Resume Examples & Samples

Interview stakeholders and gather data about the system
Prepare initial and in-depth analysis of applicable threats, vulnerabilities, controls and resulting risks (IT Risk Assessments)
Participate in initiatives to improve Risk Assessment processes and tools across the company
Act as a mentor for junior colleagues; lead trainings and awareness presentations

IT Security Analyst Resume Examples & Samples

Perform application role administration for enterprise applications
Create and/or maintain documented identity and access control standards, processes, and procedures in accordance with company policy and best practices
Perform maintenance of identity and access management workflows
Identify and implement improvements to overall role request processes
Provide excellent customer service by meeting or exceeding service level agreements
Act as a liaison between lines of business and Information Technology to proactively assess security needs
Facilitate user access reviews, coordinating with managers and business contacts and taking proper action on identified exceptions
Consistently participates in and contributes to projects
Ongoing process improvement- works with customers and business partners to continually streamline the access request process
Provide on-call support on an as-needed basis for business-impacting issues, including after-hours support
2-4 years' experience in a security-related function; specialized training or four (4) years additional experience may substitute for a degree
Knowledge of identity and access management audit requirements
Familiarity with various authentication technologies
Ability to understand, envision and maintain strategy as defined by architecture and employ the concepts and ideas within the business environment
Comfortable with presenting and working with senior level management and executives

IT Security Analyst Resume Examples & Samples

General Management
Marketing
Other

Senior IT Security Analyst Resume Examples & Samples

You possess a Bachelor's degree from an accredited college and/or university (Information Technology) or equivalent experience
You have 3 years or more of RMF or NIST knowledge requirements
You have 3 or more years with experience with reviewing Intrusion Detection reports incident response and computer forensic experience
You have 3 or more years of identifying application development security concerns and the ability to define and test application security requirements
You have an understanding of application assessment software (WebInspect or others)
You can make informed decisions quickly and leverage your communication abilities to implement them

IT Security Analyst Resume Examples & Samples

Participate in IT Security projects in support of Sikorsky’s Business Strategy
Provide support for Sikorsky IT Security & Compliance metrics
Work with project teams to architect & ensure secure compliant solution implementations
Work with Export Control to assess and identify corrective actions for Export findings
Identify and implement process improvement initiatives

IT Security Analyst Resume Examples & Samples

Designing and writing scripts to automate repetitive functions
Developing and Reporting on Key Performance Indicator (KPI) metrics
Performing configuration changes in production, as required, ensuring that the bank’s change management policies and procedures are adhered to
Performing and coordinating application deployments into the various test environments
Maintaining technical documentation (e.g. training, troubleshooting, deployment procedures)
Performing version upgrade planning and deployment to meet currency requirements

IT Security Analyst Resume Examples & Samples

Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred. Industry certifications such as CISSP or GCIH a plus
Experience in information security or related technology experience required, experience in the securities or financial services industry is a plus
Understanding of network, desktop and server technologies, including experience with network intrusion methods, network containment, segregation techniques and technologies such as Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS)

IT Security Analyst Resume Examples & Samples

Define local IT standards/guidelines and involved in the review for global standards
Enforce compliance to regulatory requirements, policies and standards
Support MAS and HKMA Technology or Security assessments
Provide oversight on compliance with internal policies/standards/guidelines, external regulatory requirements including local data privacy laws and codes so as to safeguard the Bank against compliance, regulatory and reputational risks
Support projects in IT security matters
Support the review of Security Concepts for local projects
Execute technical risk assessments, discuss and propose solutions for identified risks
Monitor and verify the implementation of IT security baselines within the IT organization
Support computer security incident response investigation, execution and awareness
Must have at least 5 years of Information Security, IT Security, IT Risk and/or Security
Must be familiar with MAS and HKMA policies and guidelines - banking is a must
Knowledge of main environments (Windows, Linux/Unix, Network, Firewall, IDS, data encryption, DLP, etc)
Knowledge of advanced security protocols and standards

IT Security Analyst Resume Examples & Samples

Bachelor's Degree in Information Systems or Information Technology
Understanding of IT security concepts with an emphasis on Security Operations, Incident response, Patch/Vulnerability Management
Sound understanding of internal and external audit process
Understanding of Public Key Infrastructure (PKI), encryption, network security controls tools and functionalities
Demonstrated proficiency in applying HIPAA/HITECH/PCI security rules and National Institute of Standards and Technology (NIST) standards
Working knowledge of SIEM tool preferably ArcSight
Previous experience with Web application vulnerability assessment and management; OS vulnerability assessment and management; Firewall and IPS/IDS management; Encryption management; Malware and APT management; DLP management; and, Web Proxy management
Working knowledge of E-mail Security, Mobile Security, Cloud Security and Forensic Security

IT Security Analyst Resume Examples & Samples

Bachelor's Degree in Information Systems and/or Information Technology
Requires excellent understanding of internal and external audit process
Proficiency in applying HIPAA security rules and National Institute of Standards and Technology (NIST) standards
Demonstrated proficiency in applying Identity Management (IDM) concepts
Microsoft Office/Suite proficient
Exceptional analytical thinking skills

IT Security Analyst Resume Examples & Samples

Respond to security incidents (malware infections, unauthorized access, malicious emails, Distributed Denial of Service (DDoS) attacks, etc)
Analyse malware samples to understands its characteristics and define signatures or indicators of compromise for detecting malware presence
Review threat intelligence and investigate indicators of compromise (IOCs)
Maintain and update all relevant documentation (procedures, tickets, etc)
Assist SOC L1 analysts in evaluating security events and issues, being the escalation point of contact when required

IT Security Analyst Resume Examples & Samples

Day to day management of certain key controls within the environment
User Access Management across multiple domains - support and management of same
Firewall reviews and configuration across multiple vendors
Provide expert security input to various ongoing projects/tasks as they arise
Guidance and support in the remediation process after assessments, audits or other activities that identify a control gap
Support and facilitation of audits and assessments related to Compliance (ISO/PCI-DSS/Internal Standards), IT Audit and Information Security
Assist with creation, review and publication of various information security standards, policies and guidance documents
In a number of areas; networks, operation systems, border controls, client-side controls, web and cloud based technologies
Data Protection principles
Firewalls, VPNs, IPS/IDS, Web Application Firewalls
Ability to identify control weaknesses and remediation
Working with or managing complex ISO27001 environments
Working with or managing complex PCI-DSS environments
Working with endpoint protection systems
Information security governance and guiding principles
Delivering Senior Management reports and metrics

IT Security Analyst Resume Examples & Samples

Supporting the Head of IT Security in managing all aspects of IT and Information Security including
Broad and up-to-date technical and security knowledge of
Windows client and server operating environments
Active Directory and Group Policy
Remote access solutions
Information Rights Management
Data Classification/Data Loss Prevention technologies
Anti-Malware solutions
DDOS Protection
Security Incident & Event Management Systems
Experience of communication protocols, a sound grasp of integrated, highly fault tolerant, business critical, complex server / network environments and architecture
Experience with a wide variety of business specific applications - including software that has been built by in-house development teams
A commitment to quality, attention to detail and up to date knowledge of relevant technologies is essential
Highly motivated
Able to identify and assess risks based on likelihood, operational impact and cost
Candidate should be familiar with legislation and industry standards surrounding security
Solution-focused and committed to high quality delivery and team performance
Strength of character, service oriented with a keen interest in technology and keen desire to grow into the role, with a full awareness of the critical nature of the role and ability to operate calmly in a logical manner
Organised individual who is a good communicator and can discuss technical subjects in layman terms, as well as negotiate / bring a point across with strong individuals

IT Security Analyst Resume Examples & Samples

Identifying scope and assets under review (Asset Classification)
Interviewing stakeholders to gather data about the system or service
Preparing initial and in-depth analysis of applicable threats, vulnerabilities, controls and resulting risks (IT Risk Assessments)

IT Security Analyst Resume Examples & Samples

Process entitlement, compliance review requests and/or incident/change management handling for Citi’s global customer base within established support thresholds
Ensure adherence to pre-assigned SLO requirements for designated requests
Execute client interactions, either by phone or email, with clear, concise terms while adhering to the GIDA Customer Service Guidelines
Support bulk customer requests for comparable granting of entitlements
Support and participate in assembling facts and input for escalation issues to be submitted to senior team members when necessary
Under supervision, participate in annual review of PCM documents associated with specific systems assigned
Maintain excellent availability to achieve strong results
Ensure maintenance of established access is kept up to date and active for all systems assigned. Participate in conference calls and team meetings
Limited but direct impact on the business through the quality of the tasks/services provided. Impact of the job holder is restricted to own team
Bachelor’s degree or higher desired or the candidate should have proven equivalent work experience
IS certification (CISM, CISA or Equivalent) is a plus
Must be able to work independently, without supervision but also as part of a multinational team
Proven use of discretion and judgment given the subject sensitivity of the work data
Strong communication skills including both technical and business writing, documentation and basic presentation skills
Demonstrable basic skills in project management

IT Security Analyst Resume Examples & Samples

Bachelors of Science degree in Computer Science, MIS, or equivalent work experience
Expert knowledge of IT security concepts and technologies
Certified Information Systems Security Professional CISSP, Global Information Assurance Certification GIAC or applicable technical certification preferred
Excellent verbal and written communication skills—ability to effectively exchange ideas and information and effectively relate to others in order to accomplish work responsibilities
Organizational skills with the ability to prioritize multiple projects
Experience with the following technologies

IT Security Analyst Resume Examples & Samples

Defining customer requirements for Security Solutions with a focus on the definition and implementation of automated IT Security Risk Management solutions
2+ years in IT
Knowledge of IT Security Risk Management frameworks such as PCI, ISO, COBIT, ITSG-33, etc
Able to communicate IT Security Risk Management points to others
Autonomous and ability to accept responsibility with minimal supervision
Professional designation such as CISA, CISSP, CISM, CRISC, etc

IT Security Analyst Resume Examples & Samples

Identify and define system security requirements
Design system security architecture and develop detailed security designs
Configure and troubleshoot security infrastructure devices and software
Develop technical solutions and new security tools to help prevent and mitigate security vulnerabilities and automate repeatable tasks
Monitors target date variances amid keeps projects on track
Determine the seriousness of security incidents and respond with appropriate urgency for escalation and response
Write comprehensive reports including assessment-based findings, root causes, outcomes and propositions for further system security enhancement
Produces project status reports on a timely basis
Participate in information system risk assessments, audits, and reviews
Three (3) years of information security experience; including use of Information Security technologies, knowledge of markets and vendors (firewall, intrusion detection, assessment tools, encryption and certificate authority)
Working knowledge and use of Qualys, Nessus, and other security tools
Working knowledge and use of forensic toolkits
Working knowledge and use of at least 1 for the following scripting languages: a) Python, b) SH, c) BASH, d) Java
Strong knowledge and use of TCP/IP and related Internet and network protocols
Strong knowledge of firewalls, IPS, IDS, HIPS, VPN, TLS/SSL, terminal servers, RAS and DNS
Expert knowledge and use of browsers and exploit methods
Strong critical thinking/judgment skills to evaluate project objectives, scope feasibility, address stressful situations, make efficient and effective decision making and provide appropriate & timely communication
Ability to react to dynamic changing environments

IT Security Analyst Resume Examples & Samples

Minimum of five years of prior security experience is required
At least 4-5 years of experience with Firewalls, such as Checkpoint, Cisco ASA, Juniper
At least 3 years of experience with Intrusion Prevention/Detection, such as: Cisco Sourcefire, FireEye, McAfee
At least 2-3 years of experience Web Filtering, such as Blue Coat, Cisco WSA, Websense
At least 2-3 years of experience with Mobility, such as Airwatch, MobileIron
At least 2-3 years of experience with Security Event Monitoring, such as McAfee ESM, QRadar, Splunk

IT Security Analyst Resume Examples & Samples

Extensive knowledge of information security in general
Working technical knowledge of current systems software, protocols and standards (TCP/IP e.g.)
Authentication systems and schemes
Firewall solutions / Intrusion Detection/Prevention o SIEM Tools
AntiVirus solutions / High-Availability/Load-Balancing systems
Systems monitoring and alerting (Safestone , Varonis, Raz-Lee)

IT Security Analyst Resume Examples & Samples

Manage security incident response within IT in accordance with agreed and established processes
Perform security analytics based on monitoring and testing
Extend capabilities around security analytics related to prioritized assets and general IT services globally
7 years of work experience in the field of security analytics

IT Security Analyst Resume Examples & Samples

Serve as the security operations liaison between Tribune Publishing and any service providers
Report on information security issues related to systems and workflow at Tribune to ensure the internal security controls for the enterprise are appropriate and operating as intended
Ideal candidate will have experience with security operations and event monitoring
Security+ or other security certifications a plus

IT Security Analyst Resume Examples & Samples

Five (5) or more years of technology and audit experience (general technology controls, application, and pre-implementation system development reviews) within a public accounting, and/or internal audit function
Two or more years of experience with internal controls evaluation, COSO, COBIT, ITIL, ITGCC, and ISO, SOX 404 requirements including all phases of planning, evaluation, documentation, testing and remediation
Demonstrated proficiency of technology auditing control disciplines including thorough and general knowledge in security and one or more relevant areas of technical specialization (application development, change management, or operations)

IT Security Analyst Resume Examples & Samples

Defines, documents, and maintains security and emergency policies, procedures, and tests
Reviews all IT solutions for compliance with standards
Designs IT security and data privacy solutions across the enterprise
Manages and monitors security for more than one IT functional area (e.g., data, systems, network and/or Web) across the enterprise
Responsible for the tracking and monitoring of software viruses
Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports and investigates possible security exceptions, updates, and maintains and documents and security controls
Involved in the evaluation of products and/or procedures to enhance security effectiveness
Work with both internal and external auditors to ensure compliance with all federally and industry mandated regulations including, but not limited to, SOX and PCI
Must have strong communication skills – verbal and written
Must be familiar with general security controls and incident management
Must be familiar and able to define and build documents using MS Office products (Word, Excel, Power Point, Project, Visio)

IT Security Analyst Resume Examples & Samples

Participate in monitoring and alerting as a member of the DSG CSOC
Document cyber security threat information and details and report details to the security organization
Assist with forensic investigations
Enforce CSOC policies and procedures
3-5 Years

IT Security Analyst Resume Examples & Samples

5+ years of IT work experience with a broad range of exposure to Network, Systems, Application Support, and/or Database Administration; 3+ years of experience with Information Security
Bachelor's Degree in Computer Science, Information Systems, or other related field. Or equivalent work experience
Knowledge of networking, Microsoft Windows desktop systems, Microsoft Windows Servers, Linux, Active Directory, Web Servers, Microsoft Exchange, Oracle DB, Web Application Firewalls and storage technologies
Experience with common Information Security management frameworks, such as International Standards Organization (ISO) 2700x
Strong technical background in information systems, systems administration, network design, network traffic analysis, and disaster recovery
Exceptional analytical and problem-solving skills

Senior IT Security Analyst Resume Examples & Samples

Manage operational costs to achieve agreed financial targets for the Computer Security Incdient Response Team (CSIRT) function
Actively monitors and protects ANZ's environment
Ensure ANZ staff are satisfied with the security services provided by the Security Operations Centre (Level 1) function
Provide subject matter expertise to investigate and respond to security incidents and actively protect the environment
Mentor other members of the Security Operations Centre (Level 1) team
Conducts continuous improvement initiatives to uplift and mature the Security Operations Centre (Level 1) function
Handling of computer security related incidents occurring at ANZ with specific focus on incidents originating from within the ANZ network and impacting or threatening other ANZ internal systems or threats which are identified outside of the ANZ environment and specifically targeting ANZ
Identification of and propose amendments of any playbook work instructions or processes which need to amended for optimisations or regulatory requirements
On-going development and maintenance of rulesets in the various security toolsets operating within ANZ
Support the infrastructure and availability of the ArcSight SIEM solution, including monitoring the health of the environment and working with platform teams to ensure event source are logging appropriately
Knowledge of technical security controls and technology risk management (eg. ITIL, ISO27001)

IT Security Analyst Resume Examples & Samples

Ensure ANZ staffs are satisfied with the IT security services provided by the Computer Security Incident Response Team (CSIRT) function
Ensure that project teams who engage with the Global Security Operations Centre (GSOC) are satisfied with the services and advice provided
Manage operational costs to achieve agreed financial targets for the Computer Security Incident Response Team (CSIRT) function
Graduate of Bachelor’s degree
Understanding of security technologies which are deployed in large ‘Tier 1’ organisations
Knowledge of security technologies such as Malware, Network Intrusion Prevention, Security Information Event Management systems
Demonstrated analytical ability in triaging and respond to security incidents
An active interest in security and awareness of current threats, trends and controls

IT Security Analyst Resume Examples & Samples

Responsible for firewall change review/management, URL filtering and application control policy
Review, analyze, and respond to daily security violations/alerts
Configure, support, and evaluate security tools
Assist in developing security awareness training
Assist in access control development, review, and investigation
Participate in a 24x7 Incident Response Team
PCI/SOX data collection and testing
Help computer users when they need to install or learn about new security products and procedures
Recommend security enhancements to management or senior IT staff
Research the latest information technology (IT) security trends, attack vectors, and methodologies
1 -3 years’ experience in network/data security
Bachelor’s degree in Computer Science, Information Systems, or equivalent required
Certification(s) such as GIAC, ISC2, ISACA, CompTIA a plus
Hands-on experience with endpoint and network security technologies such as antivirus, firewalls, IDS/IPS, web and email content filtering, Data Loss Prevention, and SIEM
Knowledge of Application Security
Knowledge of BCP and DR processes and procedures
Knowledge of compliance areas such as PCI and SOX
Knowledge of security frameworks such as ISO 27002

IT Security Analyst Resume Examples & Samples

Facilitate discovery, review, and analysis of privileged accounts throughout the enterprise through the use of automated tools and engagement with stakeholders
Onboard, configure and manage accounts credentials in accordance with defined security policies within the CyberArk solution
Ensure ongoing monitoring of Privileged Access functions and identification of all potential threats to the CDC
Bachelor’s Degree in Engineering, Computer Science, Information Systems, or equivalent relevant work experience
Understanding of information security operations principles, including application and infrastructure security technologies, across a global environment
Understanding of network architecture, protocols, services, and traffic flows, specifically with regards to authentication
Understanding of Privileged Access Management (PAM) concepts, principals, and processes
Experience with deployment and support of account security controls in a multi-platform environment, specifically

IT Security Analyst Resume Examples & Samples

Providing 24x7 support for Information Security related tools and systems including
Clear communicator with good writing and presentation skills
Good computer skills and proficiency in Microsoft Office products
3-4 years of relevant experience
Strong organizational skills (able to handle multiple priorities)
Understanding of server and network configurations with regards to industry best practices
General knowledge of Microsoft Windows Server, server virtualization and cloud technology
Detail and control oriented and thorough

IT Security Analyst Resume Examples & Samples

The Provide IT security consultation and direction to IT and business organizations
Drive IT vulnerability identification and assessment, compliance requirements, secure computing practices
Perform, facilitate, and review Software Development Lifecycle Threat modeling, Joint Venture (JV) assessments
Evaluate security-related requirements for application and infrastructure deployments
Coordinate security requirements across business organizations and recognize common needs with potential for strategic solutions
Conduct research on IT security topics and promote security and control awareness throughout the enterprise
2+ years previous IT Security Analyst experience
2+ years of experience with SDLC
Ability to work independently self-starter
Strong communication skills both verbal and written
Ability to work collaboratively, and negotiation simultaneously with several diverse stakeholders

IT Security Analyst Resume Examples & Samples

Serves as a resource for compliance project planning activities and projects with a focus on Sarbanes-Oxley section 404. Individual will also support other organizational compliance and security efforts such as PCI, HIPAA, Privacy/ DLP, Application risk assessments etc
Consultant with project and/or cross-functional teams through strong communication. Set priorities, balance workload and resources while driving project execution
Support the technology controls and assessment framework, leveraging standard tools and processes to identify control, process, and application issues / deficiencies
Engage with technology and business partners to ensure compliance with required assessments per company policy/standards; perform quality assurance validation of issues and assessments prior to closure or completion
Assist in testing and reporting the effectiveness of IT general controls
Assists in drafting policies and procedures related Information Assurance, Security, Compliance, and Privacy
Support the coordination of controls, monitoring and documentation with Audit and Compliance
Conduct gap analyses for existing processes, as needed to ensure identified gaps are addressed
Help to ensure compliance with applicable industry rules and company policies
Participate in major IT/special projects as an internal compliance consultant to provide direction, review and support by bringing an awareness and focus on regulatory concerns
Continually updates their knowledge of compliance and regulatory issues that will impact Aramark by keeping current with trends and issues in the IT industry, including current and evolving technologies
Develops work plans and project approaches in the financial audit context and/or consulting space, analyzing client server systems and multi-platform systems while providing detailed reports on the vulnerabilities of these systems and/or best practices from a compliance standpoint. Will be expected to utilize ITIL or other practice methodologies to assess our operations
Typically requires between 1 to 3 (or more) years of progressively responsible related work experience within a technical discipline
Experience with Sarbanes-Oxley section 404
Additional experience with one or more of: PCI, HIPAA, GLBA, FISMA or other related requirements
Accounting experience desirable
Strong understanding and experience in auditing Oracle databases & the Oracle Financials ERP will be a plus

IT Security Analyst Resume Examples & Samples

Partner with the JFWTC IT Security Leader in the delivery of IT Security projects, operations and incident response at JFWTC
Ensure maintenance of ISO 27001 certification at JFWTC
Participate in IT Governance & ISO compliance activities across Global Research
Engage with business partners and researchers at JFWTC on projects and incidents requiring IT Security input
Coordinate Software Governance activities at JFWTC
Lead and/or participate in IT Security awareness activities
Partner with peers from other GE businesses to deliver cross-business services and share best practices
Participate on projects and initiatives supporting other Global Research sites as required
Bachelor’s Degree in Information Technology or related discipline
5+ years combined experience in IT Security, IT Governance, IT Infrastructure or IT Applications
Master’s degree in Information Security
Security certifications (i.e. CISSP, CISM, CAP, etc.)
Experience in IT Governance (Risk Management, Compliance, Audits, Software governance, etc.)
ISO 27001 2013 Lead Auditor Certification
IT Operations experience
Experience working in a complex, global environment

IT Security Analyst Resume Examples & Samples

Education and 1+ year work experience in a related field. This is an entry level to 3 year experience role
Client facing presence and communication skills – naturally able to demonstrate the ability to gain client confidence
Ability to think well on your feet, shift gears quickly and work well in a fast-paced environment
Self-confidence, self-reliant work style and excellent communication skills (verbal and written)
Technical skills using Microsoft Office suite, including advanced Excel
High level of analytical skills

IT Security Analyst, Junior Resume Examples & Samples

Support targeted compliance reviews on behalf of the IT Risk & Compliance department
Support audit related matters when needed, including oversight, internal facilitation, review and remediation efforts
Develop technical and process related documentation, including operating procedures, control manuals, business requirement documents
Support the risk management process
Support the development of internal compliance and risk dashboards
Support remediation activities for non-compliance and monitor implementation progress (as necessary)
Periodically report on status of compliance initiatives and remediation activities
Engage with stakeholders cross organizationally to ensure IT Risk and Control issues or inquiries are properly addressed

Senior IT Security Analyst Resume Examples & Samples

Assists in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines)
Administration and daily operation of SIEM technologies, including rule creation, reporting, correlation and performance monitoring
Provide role appropriate communication regarding threat events to Security Operations Center (SOC) as well as management in order to maintain effective communication regarding environmental concerns
Works with the Security Operations Center (SOC) analysts to perform Level 3 and 4 security events and incident response analysis
Assists with investigations of security events (e.g., unauthorized access, non-compliance with company policies, fraud, service exploitation, etc.) to determine malfunctions, breaches, and remediation steps
BS degree in the field of computer science, information systems and/or cyber security training
Seven or more years of information security related experience, in areas such as: security operations, incident analysis, incident handling, vulnerability management, system patching, log analysis, intrusion detection, or firewall administration
Demonstrates fundamental understanding of SIEM technologies, including administration and analyst operation of SIEM within SOC functionality
Demonstrates fundamental understanding of system and network security principles and technology
Demonstrates fundamental understanding of Networking - TCP/IP and other protocols. Common network device functions, such as routers, switches, hubs, etc
Demonstrates understanding of Log file analysis and correlation
Demonstrates understanding of relevant terminology, such as: threat, vulnerability, risk, asset, exposure, safeguards, etc
Demonstrates fundamental understanding of risk, IT and security controls, compliance, authentication, authorization, and accountability
Demonstrates time management skills and the ability to prioritize work in a highly dynamic environment
This role is considered a position of Company trust; must have no criminal background or integrity work history issues
Security certification CISSP, SANS, etc. is preferred
Able to travel internationally

IT Security Analyst Resume Examples & Samples

A 4-year degree in a computer-related field
1-5 years experience in IT administration or IT support
Security Investigations – Provide information to third parties for security investigations
Strong knowledge in security administration, security products, operating systems, and security awareness

Senior IT Security Analyst Resume Examples & Samples

Escalating and explaining security incidents
Conducting research on emerging security threats and potential impact to CNO
Triage security incidents, and coordinate the security incident response process in the event of a breach event, including coordinating all forensic activities, evidence gathering, and general response coordination
Monitor information security alerts though the use of SIEM to respond, triage, and escalate as needed
Develop playbooks for common security use cases and the process to triage
Leverage the NIST framework to enhance our incident response capabilities
Database (MS SQL, Oracle)
Security Applications (IDS/IPS, AV, Vulnerability Scanners)
Responsible for reporting, escalating, and remediating anomalous events based on the established protocol
Participate in root cause analysis of critical events for improving preventative and reactive processes
Responsible for gathering and responding to all assessment / audit requests for information
Direct experience with endpoint technogies (Carbon Black, Crowd Strike, etc)
Willingness to work on a rotating on-call schedule. It should not be a major time commitment outside of business hours, but due to the nature of security operations this individual must be part of an on-call rotation
Monitor public and private threat intelligence sources, participate in knowledge and threat information sharing
Provide Cyber Intelligence briefings to stakeholders on external cyber threat intelligence
Assist with vulnerability management activities

IT Security Analyst Resume Examples & Samples

Conducts and participates in security reviews, evaluations, and risk assessments, assisting in the development and implementation of appropriate recommendations
Analyzes the company's information security architecture, including hardware and software components, with the objective of standardizing security throughout companys infrastructure
Evaluates and assists in the development of security policies and procedures
Provides technical expertise and support for security software, including operational aspects of the software
Provides guidance, direction, and oversight for compliance with all federal, state, and local mandated information security laws, rules, and guidelines. Remain current with the latest industry technical information
Participates in, and on occasion leads, information security projects, including the development of project scope requirements, budgeting, and project planning
Participates in coordinating the handling of security incidents, recoveries, breaches, intrusions and system abuses

Senior IT Security Analyst Resume Examples & Samples

Creation and maintenance of project SharePoint lists
Set up and manage automated as well as manual provisioning workflows
Conduct quality assurance (QA) on work performed within the team
Document business and technical processes surrounding user access provisioning and identity management
1+ years of Business Analyst experience
1+ years of Identity & Access Management (IAM) experience
1+ years of gathering and documenting project requirements/specifications
1+ years of MS Excel
Excellent verbal as well as written communication skills
Self-motivated with critical thinking abilities
Healthcare Industry experience

IT Security Analyst Resume Examples & Samples

Key resource influencing day-to-day tactical Security Operations activities including Endpoint and Network Security, as well as SEIM management
Identifies security and technology risks through established vulnerability management and penetration testing programs
Establishes team standards for technical and operational management of security platforms
Motivates and inspires other team members
Interfaces with enterprise risk management team to align on key upcoming initiatives
Develops innovative approaches to operationalizing security platforms
2+ years of experience in an Information Security role within at least two of the following domains (will consider classes and internships): Access Control, Vulnerability Management, Network Security, Information Security Governance and Risk Management, Cryptography, Operations Security
Available to travel up to 25% of the time (domestic only)
Experience and working knowledge of industry standard security controls and frameworks
Prior experience leading or managing teams of any scale or size

IT Security Analyst Resume Examples & Samples

Research, evaluate, and assess emerging cyber threats to Express Scripts digital assets
Prioritize and identify security risks, threats and vulnerabilities in networks, systems, and applications
Perform network vulnerability security scans to identify cyber vulnerabilities
Learn and perform network and application penetration tests
Implement threat modeling techniques
Identify technical security weaknesses in the technical and operating environment
Analyze the technology operating environment and advise on remediation of vulnerabilities in internal and external systems
Partner closely with system and network administrators to educate teams on information security practices
Generate platform vulnerability, remediation and action plan reports
2 - 5 years of relevant work experience
A technical background or field of
Strong decision-making and prioritization skills
Experience with command line on Linux and Windows operating systems
Basic knowledge of information security or cyber security challenges to large organizations
Experience using Microsoft Excel for data analysis and report generation
Application development knowledge and experience is desirable, but not required
Experience with SQL Query is desired, but not required

Senior IT Security Analyst Resume Examples & Samples

Lead and mature enterprise vulnerability scanning solutions for a Fortune 25 corporation
Educate and mentor cross-functional individuals on identified vulnerabilities and remediation strategies
Serve as the SME and advisor for security maturity efforts of key infrastructure platforms
Assess level of assurance of critical security tools and drive operational excellence
Early informer of critical vulnerabilities and exposures relevant to safeguarding the company’s information assets
5 - 8 relevant years of experience
Decision-making and prioritization skills
Action oriented, results driven
Individual has achieved measurable results in maturing vulnerability scanning for a Fortune 500 organization
Strong understanding of the attacker kill chain, and commonly used tools and techniques
Expertise and experience in securing applications, operating systems, and network infrastructure
Expertise in securing fundamental networking protocols: DNS, HTTP, TCP, UDP, TLS, IPSEC, 802.1x, NFS
Understanding of risk modeling concepts and frameworks (STRIDE, DREAD, FAIR, etc.)
Understanding of common exploitation techniques and mitigations
Vulnerability assessment process and tools experience: Nessus, Nexpose, Qualys, Metasploit, Nmap
Penetration testing experience and certification (CEH, OSCP, OSWE, CPT) a strong plus

IT Security Analyst Resume Examples & Samples

Any graduate with 4+ years of experience into overall infrastructure and application security controls
Improve the maturity of the configuration levels on the security tools
SIEM Correlation, DLP Discover, Firewall Audits, PCI-DSS Audit, Kaspersky Deployment, Akamai WAF
Enhance the monitoring and the response to various flagged security incidents. Improve the reporting from security events into an aggregate overall platform
IDERA DB Monitoring; Kaspersky AV / Application Review
Firewall Rule Sets Configurations and Review
Patch Management
WAF Configuration and Monitoring

IT Security Analyst Resume Examples & Samples

Direct, on-site IT Security support to the GOES-R Project
Development and maintenance of a robust IT Security plan that meets NIST 800-53 and other NIST, Federal Government and specific NOAA requirements
Support NOAA meetings and represent the IT Security team when the lead is unavailable
Experience writing documents and proposals related to the IT Security needs or impacts to a customer or system
Build solid working relationships through interactions with a diverse program team
Support IT Security efforts from NASA Goddard Space Flight Center in Greenbelt, MD as well as NOAA Satellite Operations Facility in Suitland, MD. Occasional travel to Fairmont, WV and Wallops Island, VA locations as well
Bachelor’s degree with 8 years of relevant experience
CISSP certification is preferred but not required

IT Security Analyst Resume Examples & Samples

Develop and implement information security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements
Implement and maintain all information system and software security certificate activities, to include PCI and SOC compliance along with annual penetration testing
Develop, implement and monitor the internal control systems to ensure that appropriate access levels are maintained, security policies and procedures are followed
Risk Management Framework experience
A FISMA compliant Assessment & Authorization (A&A), I&A
Certification and accreditation (C&A)
Advanced knowledge of SIEM, FIM, DLP, IDS/IPS, firewall and anti-virus/malware solutions
Self-Motivated and assertive
Ability to set priorities and adapt to changes in a quick, professional manner
Excellent oral and written communication skills; ability to interact with internal and external stakeholders at every level
Ability to use discretion when handling confidential information
Must demonstrate strong analytical, reasoning and problem solving skills

Senior IT Security Analyst Resume Examples & Samples

8 years relevant experience in IT security management, network management, hardware/software systems analysis and specifications, requirements coordination, overall data management, and project management
Expertise in hardware and software typical to a Windows/Linux based TCP/IP network environment
Certification in one or more of the following: CISSP, CISM, Security+. Knowledge and skill in Vulnerability Assessments, Penetration Testing, installing and maintaining IDS/IPS
Familiarity with Carnegie Mellon University and Engineering Institute processes

Senior IT Security Analyst Resume Examples & Samples

Serves as a key resource on complex and/or critical security incidents
Analyzes and reports on data and metrics from technical operational security platforms
Works closely with key vendors and partners to ensure compliance with organizational security policies
Serves as technical leader and subject matter expert for technology platforms managed by Security Operations
Reviews work performed by other analysts and provides recommendations for improvement
Participates in the design and transition of service for new security capabilities
3+ experience within IT field (infrastructure, applications, network, etc.) within an enterprise IT environment
2+ years of experience in an IT Information Security role within at least two of the following domains: Vulnerability Management, Network Security, Information Security Governance and Risk Management, Operations Security
Security certifications such as SEC+, GSEC, CEH, CISSP, SSCP, or CISM
IT Information Security experience with ANY of the following: CryptograpHY and/or Access Control

IT Security Analyst Resume Examples & Samples

Ensure that our security awareness program meets all industry regulations, standards, and compliance requirements
Identify the top human risks to our organization and the behaviors we need to change to mitigate those risks. Develop and maintain a security awareness program that effectively changes these behaviors so our employees act in a secure manner, reducing the most risk to our organization
Create a positive program that engages employees, to include focusing on changing behaviors both at home and at work. Ultimately we want our employees to demonstrate the same secure behaviors regardless of where they are or the devices they are using
Structure and maintain this program to be long term, so ultimately we are not changing just behaviors but culture
Create a metrics framework that can effectively measure these requirements
Provides consultative advice to information security customers that enables them to make informed risk management decisions
Active participation in strategic initiatives in accordance to the IRM roadmap
Ability to form complex 'communications / messages' in a simple, clear and concise manner to the various communities within our organization. This can include different cultures, nationalities, international locations and languages
Understanding of the concepts of information risks and the different elements that make up risk. In addition have at a minimum a basic understanding of the different concepts of information security
At least 1-3 years of IT experience with a Bachelor's Degree in computer related field or equivalent
1 – 2 years of Security Awareness / Training or a similar background in the Security Education areas, preferably in a Fortune 100 or other large enterprise expertise

IT Security Analyst Resume Examples & Samples

Acts as team SME for RACF Structure/Tools, and associated access provisioning/de-provisioning
Assists audit, remediation, provisioning, and support teams
Assists management in reviewing work of team for soundness of judgment and overall quality and efficiency
Bachelor’s degree in related field or equivalent work experience
SME-level knowledge of and previous experience with RACF structure/tools, and access provisioning/de-provisioning
Familiarity with health care or PBM industry
Advanced problem solving skills and the ability to work collaboratively with other departments to resolve complex issues with innovative solutions
Demonstrated ability to prioritize work load and meet project deadlines

IT Security Analyst Resume Examples & Samples

Analyze host and network log data to identify evidence of attacker activity and improper use
Conduct forensic analysis of volatile and non-volatile forensic data including host forensic and memory analysis
Conduct dynamic analysis on malware to determine the malware’s nature and capabilities as well as indicators of compromise associated with the malware
Execute evidence handling procedures to ensure appropriate chain of custody for forensic evidence
Support investigation of network intrusions, HR violations/improper use, and intellectual property issues
Provide side-by-side incident response, forensic, and malware analysis training for other team members
Develop draft reports and timelines detailing the results of forensic analysis, malware analysis, forensic investigation, and log analysis
Participates on Technical Working Groups as needed
Proactively seek continuous improvement
Any additional responsibilities assigned
Associates degree in Computer Science or related field. Military certification will be held as equivalent
At least 3 years experience in Incident Response and forensic analysis and investigations
Must be familiar with incident response methodologies and common remediation techniques, including the Attack Kill Chain framework
Must have an in depth understanding of Windows & Unix systems
Must have experience with logging, monitoring, and log analysis
Experience with malware analysis and reverse engineering not required but encouraged
Proficient in presenting written and verbal reports or presentations to technical and non-technical audiences
Certifications (GCIH, GREM, GCFA, ACE, EnCE) are preferred
Demonstrated experience in evidence acquisition, both volatiles and static in remote and local environments
Demonstrated evidence analysis experience to include utilization of various tools (Encase/Sleuthkit, Autopsy, FTK, etc.), creating and analyzing timelines, data carving and extraction, forensic analysis and reporting

IT Security Analyst Resume Examples & Samples

Exposure to, or experience in, one or more IT Security subject areas
Retail experience; working with technology and software; strong business acumen
Recent education or certification in an IT Security subject area
Intermediate skills using Microsoft Word, Excel, and PowerPoint
Involvement with technical audits or assessments

IT Security Analyst Resume Examples & Samples

Utilize built-in and/or third party tools to analyze our large, complex, multi-domain Active Directory environment
Document risk assessments and recommendations for risk mitigation and environmental remediation
Advise Identity & Access Management resources on best practice processes for provisioning, deprovisioning, and effectively managing identity and access lifecycles
Execute recommended and approved remediation strategies
9 - 11 Years of Relevant Work Experience
Extensive experience and knowledge of Active Directory function and architecture
Experience using AD tools such as Hyena/ADSI Edit
PowerShell/other programming experience
Information technology security experience and proven ability to meet deadlines
Ability to adapt in a dynamic work environment, learn quickly, solve problems and make decisions with minimal supervision
Demonstrated ability to coordinate people and teams cross functionally to resolve complex issues with designated time frames

IT Security Analyst Resume Examples & Samples

Implement and executes security controls to protect information assets
Creates operational documentation related to work area and completes requests in accordance with company requirements
Typically 5 or more years’ experience in an information security or related field
Security certification preferred, but not required
Experience with advanced malware detection, prevention and forensic tools
Proficiency in planning, reporting, establishing goals and objectives, standards, priorities and schedules

IT Security Analyst Resume Examples & Samples

Candidates in this role will function as the subject matter expert within the disciplines of incident response, cyber investigations and digital forensics
Role will require building and maintaining working relationships with multiple business units, information technology teams and engaging with various levels of senior management
The job requires an understanding of attack vectors, current threats, and remediation strategies
Candidates in this role will also be expected to possess the technical aptitude necessary to understand digital forensic techniques and analysis tools to support the investigative process
Lead/Coordinate actions related to cyber incident response and investigation activities (triage, root cause analysis, forensics, escalations, notifications, communication, etc.); determine severity level of incidents and course of actions to include escalation and communication
Providing updates (written reports) to management team
Support development of program and training for forensics investigators
Provide expertise in cyber investigations that may involve fraud, employee code of conduct violations, criminal activity, and breaches of confidential information and/or intellectual property
Partner with Global Information Technology, Risk & Compliance and other internal stakeholders
Analyze logs from firewalls, network and host intrusion and prevention systems
Analyze malware and/or spam and/or phishing or any other malicious content
Experience with enterprise forensic solutions from Encase, Mandiant, FireEye, AccessData, HBGary, etc
Knowledge of forensics and malware analysis tools e.g. SIFT, volatility, FTK, sleuthkit, winhex, ollydbg, IDA Pro, Lord PE
Certifications: GCIH, GCFA, GCFE, GREM, CHFI, CISSP, CCFP, CEH
4-7 years of experience in information systems security/Cyber Forensics/Malware analysis/incident response

IT Security Analyst Resume Examples & Samples

Primarily responsible for triaging, investigating, and processing security events and following defined procedures
Implements and administers information security controls using software and vendor security systems
2+ years of experience of working on network security
Knowledge of Cisco and Juniper firewalls
Knowledge of firewall rule remediation and log analysis
Knowledge of TCP & UDP network protocols
Experience with case management and incident response; Proficiency in time management, communications, decision making, presentation and organizational skills

Senior IT Security Analyst Resume Examples & Samples

Responsible for subject matter expertise and technical direction for strategic and operational security activities
Ensure the delivery of information security services to the client is in compliance with the contract and is in compliance with any applicable standards and regulatory requirements (e.g., SOX, PCI)
Seek to understand the client’s culture, security strategies, security goals, security objectives and security capabilities and cultivating trusted partner relationships with account and client; keep a consistent and open dialogue to uncover issues, challenges, and risks
Stay current on security trends and clearly communicating trends to client and participating in audits and compliance initiatives for the client (e.g., SOX, PCI) and coordinating information security services activities
Manage and drive remediation efforts related to information security; remediation may be from incidents, penetration tests, vulnerability scans, internal/external audits and assessments and identifying information security weaknesses and/or gaps in the client’s current operations and working with the client to bring information security operations up to standards
Host and represent Dell Services IT Security Services team in delivery / operational meetings with the client, account, and technical stakeholders
Review service management reports to ensure tickets (i.e., incidents, problems, requests, changes) related to information security are being acknowledged, worked, and Service Level Agreements are being met
Coordinate SIEM related issues with technical SMEs for resolution and provide direction on ticket remediation to ensure remediation is complete
Develop, modify, and implement SIEM correlation rules in alignment with client requirements as well as develop and maintain client asset classification and categorization in the SIEM portal
Understand and interpret SIEM portal data and act as a trusted security advisor to the client and delivery stakeholders

IT Security Analyst Resume Examples & Samples

Must have experience in Information Security Standards and Management
Must have experience IT Security products like Firewall, IDS/IPS, SIEM, Anti-Malware Threat Discussion
Must have strong experience in Vulnerability, Patch & Incident Management
Understanding of IT Security Requirements for Operating Systems (Windows and Unix flavours) and Database (Oracle, MSSQL, Sybase, MYSQL, DB2) platforms
Strong communication, technical writing/diagramming and spoken skills in English
Good organizing, prioritizing, synthesizing skills

Senior IT Security Analyst Resume Examples & Samples

Performs HIPAA audits and other IT related reviews (NIST, PCI) as prescribed in the annual plan
Tracks remediation of identified gaps noted in reports
Effectively communicates audit results, both verbally and in writing, so they are persuasive, placed in the appropriate context, and understood by the recipient
Assists project teams in the implementation of security measures to meet corporate security policies and external regulations, e.g., NIST, HIPAA and PCI
Maintains appropriate security documentation for applications and systems
Bachelor’s degree in computer related field
Certification in information security (CISSP, CISM, or equivalent) preferred
Familiarity with external regulations, e.g., DIACAP, HIPAA, PCI; Strong understanding of information security principles; Familiarity with domain structures, user authentication, and digital signatures; Understanding of data communication networks; Experience with security tools and systems; PC skills including knowledge of Microsoft Office
Excellent organizational skills and ability to communicate with internal/external entities and executives a must; Effective leadership skills, demonstrated ability to coordinate people and teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities; Customer service-oriented; Ability to work in a flexible environment where requirements and procedures continuously evolve; Ability to multi-task and manage time effectively

Senior IT Security Analyst Resume Examples & Samples

Perform application and infrastructure penetration tests, as well as physical security review and social engineering tests for our global clients
Perform security reviews of application designs, source code and deployments as required, covering all types of applications (web application, web services, mobile applications, thick client applications, SaaS)
Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
2+ years of penetration testing experience including

IT Security Analyst Resume Examples & Samples

Works under the supervision of the Manager, Enterprise Security Services and guidance of Senior IT Security Analysts
The IT Security Analyst ll will contribute to the organization’s mission and vision by performing risk assessments and reviews to identify key corporate security vulnerabilities that affect the confidentiality, integrity and availability of electronic protected health information and other company confidential data, and provides technical support to systems owners to address and implement solutions to identified security and risk issues
Participates in developing the design for the enterprise network security environment, with functional components
Interprets security related events and identifies relevant data and appropriate response for cross functional teams, data owners and business leaders
The IT Security Analyst ll position requires an in-depth understanding of the CHI enterprise and MBO business and information security practices for the network, server (Microsoft, Unix, Linux), databases, applications, and the use of risk / security vulnerability tools and other security assessment techniques
Consults, advises, and develops action plans to design suitable vulnerability and threat management systems in order to safeguard all CHI information assets
Update skills as necessary to support the CHI IT Security and remain knowledgeable of industry standards and advancements
Associate degree in a related technical field or equivalent experience
Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA), required
Minimum of 4 years of progressive experience in information services, including two years in systems security with certification, maintenance and use of security products in a distributed enterprise environment. Experience in compliance with federal security regulations
Minimum of 2 years’ experience in healthcare or security consulting
Experience in complex multi-site LAN/WAN environments
Experience in Windows NT and Windows 2000/2003 Active Directory
Knowledge of network and host IDS
Knowledge of Exchange, IIS, and Apache
Project skills including work plan development and management, and accomplishing projects within budget

IT Security Analyst Resume Examples & Samples

Lead assessments of current security technology and authentications systems and evaluate against HIPAA, Federal and State Information Protection and Privacy regulations, CHI Security Policies, and other relevant regulations and best practice controls pertaining to the protection of Enterprise information assets with respect to information security
Lead the assessment and review new and existing technology infrastructure to identify key risk areas, and ensure adequate levels of control are in place to address those risks and develop risk mitigation techniques and processes to ensure that all reviews as actionable by system managers and the operations staff
Leads the consultative process, advises, develops action plans to design suitable vulnerability and threat management systems in order to safeguard all CHI information assets and collaborates with personnel in IT departments to coordinate data security related activities
Leads Collaborative programs with personnel in all IT departments to ensure that electronic data security is consistently implemented throughout the enterprise
Create and assist in ensuring adherence to CHI network and security installation standards and the maintenance of all associated documentation
An active leader in the development of a security incident response process

IT Security Analyst Resume Examples & Samples

Work directly with end users to identify, isolate and re-mediate malware on the end-points
2 years IT experience which includes customer support, networking and IT Security experience
Understanding of malware infection vectors, identification and remediation techniques
Security processes and technologies including threat analysis, security monitoring and security technologies like IDS/IPS, DDoS prevention technologies
Experience in following incident response procedures and standards, strong communication skills and ability to articulate events to senior management
Excellent communication skills, analytical ability, strong judgment and leadership skills, and the ability to work effectively with IT management and staffs
Dedicated and self driven desire to research current information security landscape and threats
Vulnerability scanners and SIEM experience a plus

IT Security Analyst Resume Examples & Samples

Maintain and enforce risk management standard and assessment procedure(s)
Collaborate with risk and compliance teams to develop risk assessment practices/procedures best suited for cloud environments and services
Report and monitor risk findings from various business units within Cloud Operations
Track mitigation plans and strategies with business units across Cloud Operations
Execute risk assessments to identify, rank, evaluate, respond, and report on risks across the business
Asset management across Cloud Operations; develop, document, and analyze asset inventory (physical, information, technology assets) within Cloud Operations to identify critical assets and establish necessary protections of those assets
Work with various lines of business to embed risk management standards and practices into new processes and services
Create dashboards, metrics, reports, and other scalable project management processes and solutions
Draft and polish Risk Management presentations and documents
Triage requests and help resolve issues for the Risk Management team
3-7 years of experience in a risk management, project management, or GRC role
Knowledge of risk frameworks (RIMS, ISO, COBIT, CEB)
Domain knowledge in risk management, finance, or quantitative research concepts preferred
Familiarity with information technology, security, and engineering concepts, ability to discuss technical risks/issues with subject matter experts
Sound judgment in triaging and escalating issues
Highly motivated self-starter; results-oriented

IT Security Analyst Resume Examples & Samples

5+ years experience developing, publishing and maintaining Information Security Policies, Standards & Procedures which includes hosting, networking, and client computing environments
5+ years IT Audit or Risk Management experience which includes hosting, networking, and client computing environments
5+ years of IT Security experience across multiple platforms, OS’s, software, and network protocols
Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) and Certified Information Systems Security Professional (CISSP) certifications are a plus
Bachelors Degree and/or Masters Degree in related field of study preferred
Excellent communication skills, analytical capability, judgment, self-driven, multi-tasking, proactively, and willingness to adapt to change in dynamic, global environment are critical
Understanding of information security risk management concepts, frameworks and standards (ISO, UCF, NIST, PCI, HIPAA)
Understanding of information technology auditing concepts, frameworks and standards
Knowledge of international regulations and requirements related to information security risk management
Broad technical background in infrastructure and applications – especially Oracle components
Business savvy including the ability to see the big picture and the ability to effectively influence others

IT Security Analyst Resume Examples & Samples

Report on audit status and corresponding problems to management
Plan and execute service gap assessments reviews as assigned
Identify, interpret, and evaluate Information Security risks and translate those into Business Risks
Provide feedback and support to update and maintain audit processes
Promote a risk-conscientious environment; ensure efficient and effective risk and compliance management practices by adhering to required standards and practices
Bachelor’s Degree in Business Administration, Computer Science, Information Systems Administration or Finance/Business Operations Management related field
5-7 years of Information Security, Information Technology, Internal Audit, Financial, Supplier Diversity, Vendor Management skills
Knowledge of at least one of the following capability frameworks: Vendor Management/Supplier Diversity, Financial Requirements, Client-Facing/Customer Skills
Knowledge of Cloud delivery models and applicability to contracts, 1st/3rd party client/customer requirements, contract management
Good understanding and knowledge of business risks related to system general controls, systems / applications development, change management, financial, contractual, and legal requirements with 1st/3rd party requirements
Can communicate well with virtual teams and executive level presentations
Excellent analytic, oral and written communication skills
Financial / Business Acumen with Compliance Control Frameworks
FFIEC, PCI, or SOX experience with 1st/3rd party requirements
Previous experience in consulting a plus
Experience in Financial Services or Public Accounting a plus

IT Security Analyst Resume Examples & Samples

Take responsibility for successful execution of vulnerability management solutions and strategies
Perform security analyst tasks to contain vulnerabilities from exposure
Evaluate vulnerabilities for real risk to the Oracle Cloud environment
Create/escalate requests for vulnerability fixes
Three years previous experience managing enterprise scale vulnerability management solutions
Ability to evaluate vulnerabilities for real risk to the operational environment
Experience analyzing network topologies for security vulnerabilities
Experience in analyzing firewall and system logs
Ability to analyze network flow and packet captures

IT Security Analyst Resume Examples & Samples

Assist other GBU/GIS staff on specific projects and incidents as required
Perform special security projects on an ad hoc basis
At least 5 years’ experience with systems development, systems administration, or network administration
Previous hands-on experience in penetration testing and vulnerability assessment is mandatory
Experience of web application testing, infrastructure testing, manual testing, code reviews
Knowledge of web technologies and communication methods
Knowledge of information security standards such as ISO27001 and PCI DSS
Professional certification is a distinct advantage (CEH, OSCP, GIAC CPEN, CREST CRT, etc.)
Excellent team player

IT Security Analyst Resume Examples & Samples

Manage remediation activities resulting from Internal and/or external assessments or audits
Define, document, maintain, communicate security services for Managed Cloud Services
Manage security audit activity related to Sarbanes Oxley, SSAE 16 and ISAE 3402, PCI, HIPAA, 21 CFR Part 11, etc
Managed the Enhanced Security Service Delivery to ensure that contracted services are being delivered as agreed
Be able to multi-task, and be pro-active in addressing issues and requests quickly
Possess technical acumen and the ability to understand and interpret technical specifications
Have auditing or security background
Possess Project Management Skills
Technical knowledge of Oracle Applications and Database and infrastructure components desired

IT Security Analyst Resume Examples & Samples

Analyze, document and report on potential security incidents identified in customer environments
Work with partners to maintain an understanding of security threats, vulnerabilities, and exploits
Perform knowledge transfers, document and train clients regarding mitigation of identified threats
Provide ongoing recommendations to other MSS peers and customers on tuning and best practices
Actively research current threats and attack vectors being exploited in the wild
Perform attack vector and path analysis on case by case basis depending upon the severity of the
Security Analyst will be a part of the Threat management team, thus involved in activities

IT Security Analyst Resume Examples & Samples

Ensure all systems being monitored are logging properly
Manager the operation and health of Security tools
Perform first level IDS event analysis
Conduct Vulnerability Scans, File Integrity Management scans, Network Scans
Staying up to date with the latest security trends, vulnerabilities, exploits and tools
Support remediation activities resulting from Internal and/or External assessments or audits
Manage the security elements of infrastructure components (Networks, Servers, Endpoints)
Define, document, maintain, communicate security services for Oracle Cloud for Industry, including vulnerability and threat management, continuous scanning/monitoring, incident response, security architecture reviews, support of security tools, evaluate and implement new security tools, technical support for RFPs and customer audits
Define and support operational compliance processes and documentation
Support security audit activity related to the Sarbanes Oxley, SSAE16, PCI, HIPAA, 21CFRPart 11, SOC2 etc

IT Security Analyst Resume Examples & Samples

Take responsibility for successful execution of IDS solutions and strategies
Perform security analyst tasks to contain exposures from an incident
Proven experience in writing custom IDS rules and policies

IT Security Analyst Resume Examples & Samples

Take responsibility for successful execution of incident response plan
Perform incident response tasks to contain exposures from an incident
Three years previous experience working incidents
Experience and training in triaging an incident from an initial report to resolution
Experience analyzing network flow and packet captures

IT Security Analyst Resume Examples & Samples

Experienced technical professional of current network hardware and standards
Specific technical knowledge of client and LAN to LAN VPN technologies
Working technical knowledge of various OS shell scripting languages
Expected to design, install, configure and maintain applications and hardware in a highly available and scalable environment
Experience installing, configuring, and maintaining OS services and networking
Specific knowledge of Microsoft Windows 2008-2012 R2 platforms
Specific knowledge of Oracle, RedHat and CentOS platforms
Familiarity with TCP/IP protocols, firewall management, and database administration
College diploma or university degree in the field of computer science and/or 5+ years equivalent work experience
Strong understanding of the organization’s goals and objectives
Ability to present ideas in business-friendly and user-friendly language
Certification(s) in Cisco and/or Juniper administration
Certification(s) in a Linux administration in any distribution
Certification(s) in Windows administration
Prior experience in mission-critical support role
Experience with Windows, Oracle Linux
Experience with virtualization frameworks such as VirtualBox, KVM, and/or XEN
Experience with various security appliances such as ids, proxy, taps, siem

IT Security Analyst Resume Examples & Samples

Configuration and management of various Security tools
Manage the security elements of infrastructure components (Networks, Servers and Endpoints)
Ensure that all systems being monitored are logging properly
Work on log correlation rules within a SIEM
Conduct Vulnerability Scans, File Integrity Monitoring scans, Network Scans
Define, document, maintain, communicate security services including vulnerability and threat management, continuous scanning/monitoring, incident response, security architecture reviews, support of security tools, evaluate and implement new security tools, technical support for RFPs and customer audits
Support security audit activity related to the SOC2, PCI, HIPAA, 21CFRPart 11 etc
Bachelor’s degree or equivalent combination of education and five years of experience in computer science, computer engineering, mathematics or related field
7 years of experience in IT or Security Analysis
Experience with Linux Operating System
Experience with network intrusion detection tools
Experience with event correlation tools
Be able to multi-task and be pro-active in addressing issues and requests

IT Security Analyst Resume Examples & Samples

Vulnerability and configuration compliance scanning tools
High throughput enterprise SIEM and syslog based logging solutions
Complex Intrusion Prevention System deployments
Desktop and network malware detection/blocking solutions
Netflow analysis and threat detection tools
Network security solutions including firewalls, routers, and vpn gateways
IT analytics tools including big data open source solutions
Secure systems and database administration on Linux, Windows, and other platforms
High school degree/GED with BS/MS in technical field preferred
Solid understanding of information security, CISSP or other certification
Proven troubleshooting skills and "get it done" attitude
Working knowledge of scripting languages and vendor APIs
Excellent communications and leadership skills
Ability to work effectively on virtual teams
Effectively network and work well independently

IT Security Analyst Resume Examples & Samples

Support existing compliance and audit efforts
Driving multiple assessment efforts simultaneously
Ability to work in a very faced paced environment
Conduct gap assessments against new M&A’s, new products and expansions
Investigate and escalate issues and risks to Oracle Cloud management
Interact with technical teams to create remediation plans

IT Security Analyst Resume Examples & Samples

Be the foremost subject expert on enterprise Security and Risk management tools, technologies, products and solutions for Global IT. Serve on working forums, architecture and design reviews and other review boards representing this area of specialization and expertise
Interpret and anticipate business requirements for Security and Risk Management tool solutions then provide leadership and drive on architecting and designing innovative solutions for these within a strict cost, quality and delivery time framework
Contribute to, and define, long-term service strategy (1-3 years) and execution roadmaps that increase the operational effectiveness of your customers. Evangelize and gain acceptance from key stakeholders for these
Actively engage with Oracle Product Development teams and third party vendors on future product strategy and feature requirements
Evolve a deep understanding of Oracle Global IT managed and delivered technologies and services
Deliver presentations to internal audiences and at industry events on any and all aspects of Global IT’s Security & Risk Management tooling
Lead investigations in to new and potentially relevant technologies and products
Be self disciplined to achieve successful outcomes within your post and be able to inspire others similarly. Able to mentor others to raise individual skills and the quality of delivered products by the team
Degree in computer/communications science/engineering, software engineering or related discipline preferred
Strong knowledge of security & risk management technologies and associated industry standard frameworks and tool sets
Prefer at least 8+years work experience in an IT industry with an excellent understanding of IT infrastructure monitoring, security and risk management products, industry trends and best practices
Experience with large scale enterprise design and deployment of one or more of the following tools is required – IBM QRadar CLS, SIEM, Lancope Stealthwatch, Mcafee & Cisco Sourcefire IDS/IPS, Fireeye, Algosec

IT Security Analyst Resume Examples & Samples

Experienced technical professional of configuration management systems (e.g. Chef, Puppet, etc.)
Experience with scripting languages (e.g. Perl, Python, Ruby, etc.)
Familiarity with TCP/IP protocols
Certification(s) in Windows and/or Linux administration

IT Security Analyst Resume Examples & Samples

Perform daily support operations, with a schedule that may involve nontraditional working hours
Responsible for the operation, performance, availability and capacity of the network access control (NAC)
Partner with the IT Information Security, Risk and Compliance Center of Excellence to develop logical and implementation designs for the NAC solution and accompanying integrations
Expand existing NAC solution capabilities; ensuring consistency across all regions of the world
NAC performance and load testing and upgrades
Collaborate with team members as well as other business functions, business partners, management, vendors, and external parties for information gathering and best practice recommendations
Develop NAC policies in alignment with business and security requirements
Work with a globally distributed team and rely heavily on electronic communication
Contribute to overall NAC process improvements and documentation
Represent and contribute to the overall 3M NAC solutions and methodologies
High School Diploma/GED or higher from an accredited learning institution
Minimum of eight (8) years of information security experience
Experience with Network Access Control and 802.1x
Experience in networking design and concepts to include TCP/IP, switching, routing, firewalls, virtual route forwarding and VLANs
Active Directory/LDAP Experience
Aruba ClearPass Policy Manager Certified
Experience with Checkpoint firewall technology
Thorough understanding of the following security technologies
Intrusion Detection/Prevention Systems (IDS/IPS)
Log Management (Splunk) and Security Incident and Event Management (Arcsight)
Virtual Private Network (VPN) Remote Access
Must be well-versed in multiple areas of network security products
Must be well versed in multiple OS platforms (Windows, Linux, iOS, Android)
Must be well versed in common network security threats, as well as best practices to mitigate them
Strong network layer knowledge (CCNA a Plus)
Working knowledge of secure communication methods
Programming and/or scripting skills
CISSP, CISM, or related SANs certifications preferred
Strong IT infrastructure implementation, support and troubleshooting background

Senior IT Security Analyst Resume Examples & Samples

5+ experience within IT field \(infrastructure, applications, network, etc.\) within an enterprise IT environment
3+ years of experience in an IT Information Security role within at least three of the following domains: Vulnerability Management, Network Security, Information Security Governance and Risk Management, Operations Security
Available to travel up to 25% of the time \(domestic only\)

IT Security Analyst Resume Examples & Samples

Provide full lifecycle support for security tools starting with initial design through day 2 operational support and tuning
Work closely with Global Information Security (GIS), the GBU security teams, as well OCI to evaluate the changing security landscape and solution tools to help protect for emerging threats
Assist OCI, GIS and the GBU security groups to resolve security incidents and manage corrective activity
Ensure sustainability of the security posture with respect to cloud hosting operations and Customer data protection
Be an escalation security point of contact for the GBU security issues resulting from security tools and their implementation
Perform special security or research projects on an ad hoc basis as directed by management
At least 7 years experience with security architecture and tools design, implementation and support
Experience with SIEM platforms like Splunk, with a focus on design, implementation, operating and tuning
Experience with Endpoint management tools such as Tanium and McAfee ePO, their supporting components as well as their implementation, operations and tuning
Experience with IDS/IPS implementation, monitoring and tuning
Experience with Full Packet capture technologies, their implementation and operation. Experience in Moloch is preferred
Experience with Web application firewalls and their proper tuning to support. F5 ASM experience preferred
Knowledge of web application testing, infrastructure testing
Knowledge of web, middleware, database, OS, virtualization, data storage, and network communication technologies
Knowledge of industry security and regulatory standards information security such as ISO-27001, NIST, PCI, HIPAA, etc. and how to use Security tools to help achieve overall compliance and a solid security posture
Excellent team player -- Leading contributor individually and as a team member, providing security support across the GBUs

IT Security Analyst Resume Examples & Samples

Bachelor’s degree or higher from an accredited learning institution
Minimum of four (4) years of information security experience
Experience with Aruba ClearPass
Experience in basic networking concepts (i.e. TCP/IP, switching, routing, firewalls, virtual route forwarding and VLANs)

IT Security Analyst Resume Examples & Samples

Identify, design, and develop new methods for incident detection and intelligence collection of anomalous behavior, system and network patterns, and potential breaches
Identify and gain access to external and internal intelligence resources required to appropriately anticipate threats and risks to CNO assets (information incident trends, known command and control system lists, firewall logs files, full raw packet captures, vulnerability assessment results)
Hunt CNO’s technical environments for known indicators of compromise, analyze findings, and report to security management as needed
Establish a threat modeling methodology to identify, classify, prioritize and report on enterprise threats using a structured approach
With the support of CNO leadership, deliver threat intelligence reports analyzing current threat and risk trends in the context of CNO business operations. The audience of these reports will be CNO, IT Executives, corporate governance groups such as the Corporate Executive Risk Management Committee (and its Information Management Sub-Committee) and associated business unit leaders
Ensures threat intelligence is integrated with internal security monitoring tools
Resolve technical problems concerning the collection of data for the process metrics
Suggest new countermeasures based on threats to CNO information
Integrate internal business intelligence of high value assets into internal security monitoring tools
Accumulate IOC’s from intel sources and configure scans across end points
Responsible for advising SOC services on appropriate analysis and triage of security event information to ensure adequate focus on threats to CNO business operations
Provide written and oral communications as appropriate to the information security manager related to threat management quantitative metrics, reporting, and analysis
Develop and maintain stakeholder relationships to keep abreast of evolving business models, new technology, and technological trends at CNO
Develop and maintain relationships with an external threat intelligence networking groups
Facilitating the resolution of issues with items outside of existing documented processes
Identifying and implementing continuous process improvement
Establishing measurements and targets to improve process effectiveness and efficiency
Communicating new and changed policies
Assist with vulnerability management and SOC/IR initiatives, as requested

IT Security Analyst Resume Examples & Samples

Ability to work with technical personnel, senior university staff and the general campus community
Excellent oral and written communications, excellent interpersonal, communications, collaborative and negotiating skills
Familiarity with industry and government regulations and standards, such as GLB, PCI, HIPAA, FERPA, and NIST SPs
Strong technical background in Information Security methodologies, Internet (TCP/IP) protocols and network architecture/hardware
Experience with using and administering multiple operating systems, especially versions of Windows, Macintosh OSX, and Linux; change management process; programming and scripting languages, such as PERL and Python; vulnerability assessment software, such as Tenable Security Center and Nessus; penetration testing tools and methodologies; intrusion detection and prevention systems, from offerings such as Palo Alto and BRO; a comprehensive understanding of firewalls; forensic tools, such as Encase Forensic and open source tools; familiarity with logging and event management tools, such as Splunk; familiarity with basic computing desktop and server hardware, including storage systems; desktop encryption software, such as Symantec PGP, FileVault, and BitLocker; network access control systems, such as Cisco NAC, ISE, or Aruba Clear Pass; antivirus software, such as TrendMicro OfficeScan and Microsoft Forefront; virtual systems, such as VMWare

IT Security Analyst Resume Examples & Samples

Work directly with end users to identify, isolate and pull malware on the end-points
Identify, analyze, and document malicious network or system activity and determine sophistication, priority, and threat level of computer security related attacks
Key contributor in various facets of incident response including notification, escalation response, and post incident review
Experience managing, responding to and resolving situations caused by malicious attacks
Ability to analyze information to identify network threats such as scans, malware, or complex attacks
Enhance existing incident response methods, tools and processes which provide the organization value by reducing risk
Performs dynamic and static analysis of malware using automated tools or disassembler/debugger
Contribute towards improving incident response delivery by leveraging lessons learned
Eight years IT experience which includes networking, end-point security suites, and 4 years of IT Security experience
Four years experience in working with SIEM, logs, and other events
Three years of security incident response/malware analysis
Two years malware identification, reversing, and analysis
Thorough understanding of malware infection vectors, identification and remediation techniques on multiple operating systems including Windows, OS X, and Linux
Ability to work with huge data sets using command line tools
Capable of scripting using Python, Perl, Ruby, etc, or programming in general
Experience in utilizing the Cyber Kill Chain or Attacker Lifecycle phases
Understanding of netflows, networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network infrastructure
Security processes and technologies including threat analysis, security monitoring and security technologies like IDS/IPS, Malware and DDoS prevention technologies
Extreme capability for network behavior and anomaly detection experience
Vulnerability scanning, pentesting, and code analysis experience a plus

IT Security Analyst Resume Examples & Samples

Review Audit and Authentication logs. Perform analysis to identify anomalies and potential risks. Recommend risk mitigations and countermeasures
Plan and coordinate the Patch Vulnerability Group (PVG) meeting activities (announcements, agenda, actions items, etc.)
Analyze monthly vulnerability scan data, remove exceptions/false-positives, and produce weekly reports and charts for PVG meetings
Perform monthly Plan of Action & Milestones (POA&M) updates. Produce compliance status reports
Complete monthly KATS action item tracking and reporting tasks. Produce compliance status reports
Complete monthly Inventory updates to NASA IT Security Electronic Data Warehouse (ITSEC-EDW)
Review Intrusion Detection system logs. Perform analysis to identify anomalies and potential risks. Recommend risk mitigations and countermeasures
Review Malicious Code system logs. Perform analysis to identify anomalies and potential risks. Recommend risk mitigations and countermeasures
Produce and upload Quarterly FISMA inventory reports
Perform annual System Security Plan (SSP) updates
Perform annual Certification & Authorization (C&A) audit and produce out briefing package
Perform annual Contingency Plan Tests & Exercises. Document results and produce annual CP updates
Participate in annual Incident Plan Tests & Exercises. Document results and produce annual report
Produce annual Continuous Monitoring report
Produce annual Risk Assessment report
Develop positive, open relationship with all customers and teammates to support the ESC and NE mission
Provide implementation and continuous monitoring of FISMA and NIST 800-53 controls across the entire ESC Contract
Support all ESC Continuous Monitoring activities, Contingency Plan testing, and provide IT Security guidance and solutions
Support security requirements identification and development process through evaluation and design assessment, development, production, and operations for Spaceport Command and Control System (SCCS) security architecture and systems
Respond to all IT Security related tasks assigned including the identification and resolution of issues, and providing sufficient artifacts as required for closure
Support resolution of POA&M controls and other security tasks as requested
Design, implement, and operate enterprise IT Security risk management systems that include network discovery, baseline configuration management, vulnerability management, reporting, and mitigation of risks, and enforcing regulatory compliance
Provide recommendations and assessments of Linux/Windows 2008/2012/Virtual servers (Hardware/Software) including System hardening (Vulnerabilities and risk mitigation), IT Security Baseline configuration (CIS Benchmarks & USGCB), Enterprise Anti-Virus
Support continuous monitoring using enterprise host based intrusion detection systems, log management systems, system configuration management systems, observation, test, and research
Positive personal conduct and attitude that recognizes customer service is a primary focus of our contract, and proactive and professional execution is critically important to our success
Ability to work independently without supervision and as part of a team. Deadline and results driven
Ability to gain internal support and establish a solid working relationship with customers, peers, and management
Outstanding oral and written communication skills
Strong written and oral communications skills are essential
Must have strong customer service and ability to speak with all levels of users
Can work independently as well as be an engaging member of a team
Needs to be able to effectively manage time and be focused on assignments
Must possess a strong work ethic
Ability to take ownership of tasks and constantly looking for ways to improve environment and processes
Exercising judgment in prioritizing work load
Understanding the confidentiality of the information stored on the fileservers and ensuring that they are protected against unauthorized access
Ability to multi-task and prioritize workload

IT Security Analyst Resume Examples & Samples

Analyze and respond to security incidents
Aid, and or lead in the ongoing optimization of Security Information and Event Management software (SIEM)
Ability to manage, monitor and support IT Security technologies, including but not limited to Email SPAM filtering solutions, vulnerability scanning solutions, Intrusion Detection Systems (IDS), anti-virus software, Data Loss Prevention (DLP), Data Classification
Ability to identify organizational risk and escalate appropriately
Participate in rotational on-call duties in support of a 24x7 security operations center (SOC) escalation team
Perform other duties and projects as assigned
Bachelor’s or Master’s degree in Information Technology
Acquired 2 to 5 years’ experience in IT, including a minimum of 2 years specifically in an information security environment
Knowledgeable of one or more of the following information security disciplines: intrusion detection system (IDS) monitoring, incident response, information assurance, computer security best practices, system hardening, vulnerability assessment, vulnerability management, antivirus, firewalls, and techniques for analysing TCP/IP network traffic and event logs
Experience log event correlation / security information and event management (SIEM) tools such as IBM Qradar, vulnerability assessment tools such as Rapid7 Nexpose, and GRC and policy management tools such as Keylight lockpath and Tripwire
A security certification (CISSP, CISM, SANS GIAC, Security+, or equivalent) is highly beneficial for this challenging position

IT Security Analyst Resume Examples & Samples

5 to 10 years experience supporting network and network security technologies, especially Juniper Netscreen and SRX Firewalls, F5 Load balancers, Cisco and Juniper routers and switches, Mcafee IDS/IPS and Qradar SIEM
In depth knowledge of routing, switching, firewall, load balancer and DDoS mitigation. Experience in operations roles which include monitoring, troubleshooting, proactive measurement for network and security environment capacity issues
Ability to configure and Troubleshoot Switches (Cisco), Firewall (Juniper) and load balancer (F5 LTM). "hands-on" networking experience in a global production environment
Incident management covers identifying actionable incidents using monitoring system, resolving network issues by advance troubleshooting, coordination with onsite team and vendors
Configure request from server and apps/db team as per change management process
He/She must have understanding of latest threats, correlate different attacks using IDS/IPS and SIEM
Capability to work with other team members in outage calls, coordination with management and SMEs, provide RCA/CA
Cisco and Juniper certifications desired. Additional Preferred
Experience with complex ticketing and incident/request tracking systems
Strong technical knowledge of client/server and Internet concepts and techniques
Highly motivated and self-starter. Strong oral and written technical and interpersonal communication skills including sensitivity to user community and the importance of maintaining a positive vendor relationship

Senior IT Security Analyst Resume Examples & Samples

Assists project teams in the implementation of security measures to meet corporate security policies and external regulations, e.g., Sarbanes Oxley and DIACAP
Assists in the performs risk assessments and security audits of internal and external facilities against established standards
Assists in the communication and implementation of components of the ESI security awareness program
Strong understanding secof information urity principles
PC skills including knowledge of Microsoft Office

IT Security Analyst Resume Examples & Samples

Experience in Vulnerability Assessment and/or Penetration Testing
Experience with and understanding of assembly language (x86, MIPS, ARM)
Experience with embedded and real-time operating systems
Software Development is an asset
Knowledge of malware analysis techniques and tools

IT Security Analyst Resume Examples & Samples

Familiarity with circuit board soldering techniques
Experience with universal programmers for IC programming
Knowledge of disassemblers and debuggers (IDA pro, ollydbg, Windbg, etc)
Knowledge of the C/C++ programming languages
Experience with static binary and code analysis methods for the identification of security vulnerabilities

IT Security Analyst Resume Examples & Samples

Working knowledge and use of vulnerability scanners and other security tools
Strong knowledge of firewalls, IPS/IDS, VPN, and monitoring/detection systems
Solid understanding of attack vectors and common system vulnerabilities for the purposes of applying defense controls

IT Security Analyst Resume Examples & Samples

Understanding of global information security risk management concepts, frameworks and standards
Broad technical background in infrastructure and applications – especially Oracle components (products and services) – with the acumen and ability to interpret technical specs and architect solutions
Excellent communication skills, analytical capability, judgment, self-driven, multi-tasking, proactivity, and willingness to adapt to change in dynamic, global environment are critical and work directly with customer security executives and professionals
10+ years IT experience which includes server computing, information security, and other infrastructure IT areas
5+ years of IT Security experience across multiple hardware platforms, firewall / router technologies, software, and applications
Security and risk certifications, specifically in technical areas, are strongly recommended
Ability to interface and communicate effectively with both external and internal customers, to describe and represent security risks and controls
Strong focus on exceptional customer service

IT Security Analyst Resume Examples & Samples

Identifies and gathers data needed to meet the requirements of Audit reporting. Acts as the interface to all audit groups, ensuring accuracy and consistency in responses
Manages Logon Service Requests for all MGM National Harbor staff in coordination with Corporate Identity & Access Management Teams
Manages the deletion of accounts for previous and current MGM National Harbor staff as required
Leads investigative activities, ensuring the retention policy and related business procedures are understood by the National Harbor functional organizations
Reviews server patch activities to ensure patches are applied in a timely and managed manner
Approves all internal firewall changes and other configuration changes as identified
Works as property interface with Corporate IT Change Control group
Reviews virus protection logs. Initiates requests for action to the Technical Support Engineers in support of keeping virus protection software and data files up to date
Responsible for Sarbanes Oxley tasks, including providing the necessary documentation to prove that monthly, quarterly and yearly tasks have been completed
Initiates Production Release Forms (PRFs) for applications and solutions that will be implemented into the MGM IT environment
Updates and closes assigned Help Desk tickets to reflect action taken and current status
Promotes and maintains the highest level of customer service to all guests while staying alert to their needs
Responds effectively to guest inquiries related to MGM National Harbor and the National Harbor area providing excellent guest service
Performs other job related duties as assigned
Bachelor’s degree in Computer Science or related field, or equivalent work experience
Minimum three (3) years information technology operations experience
Sound knowledge and understanding of information security principles and best practices
Knowledge of networking and infrastructure components (DHCP, DNS, and Active Directory), operations analysis principles, methods, and practices and a general understanding of the Sarbanes-Oxley Act
Working knowledge of security products such as Norton Virus Protection, Firewall Software, Virtual Private network (VPN) software, etc
Extensive practical knowledge of importing data for use in report software, spreadsheets, graphs, and flow charts
Ability to be on-call for emergencies
Strong analytical and listening skills
Self-motivated with excellent organizational skills and attention to detail
Ability to lift and carry up to thirty (30) pounds at a time
Ability to perform various activities such as constant standing, walking, frequent bending, reaching, kneeling, and squatting
Ability to multi-task several activities and duties simultaneously
Ability to function and act independently
Ability to work well with people, in a team environment, and to communicate effectively both written & oral
Ability to function in a fast paced environment, under short time constraints, and within established deadlines
Ability to work a flexible schedule including extended hours, weekends, holidays and evenings

IT Security Analyst Resume Examples & Samples

1996) every practice or healthcare organization must designate a privacy officer. The privacy officer may have other titles and duties in addition to his/her privacy officer designation in a typical practice or organizational setting. In terms of HIPAA compliance, the privacy officer shall oversee all ongoing activities related to the development, implementation and maintenance of the practice/organization’s privacy policies in accordance with applicable federal and state laws
Assists in the identification, implementation and maintenance of the HIPAA Compliance Training
Performs ongoing compliance monitoring activities
Works with legal counsel and his/her immediate supervisor to ensure the
Knowledge and experience in information privacy laws, access, release of information, and release control technologies
Capability to learn new cloud technologies
Comfortable being a self-starter, remote employee
5% travel
Comfortable with delivering presentations via web conferencing, in—person, and/or facilitated online training

IT Security Analyst Resume Examples & Samples

Bachelor’s Degree in Business Administration, Computer Science, Information Systems Administration an alternative technology related field
3-5 years of Information Security, Internal Audit, or relevant IT experience
Can communicate well with virtual teams
PCI Experience a Plus

100

IT Security Analyst Resume Examples & Samples

Conducting forensic examinations on hard drives, thumb drives, and memory cards
Creating detailed forensic reports describing in plain business language to who, what, when, and how of the event
Briefing senior Leadership, peers, and customers in clear language on incident findings
Performing analysis on computer logs, firewall and server logs to discover links and analyze timelines
Participating in exercises to simulate attacks and determine responsiveness of processes and procedures
Producing Indicators of Compromise (IOCs) for handoff to Intelligence Services
1+ years of experience in information security or related technology experience
Fundamental understanding of application protocols (HTTP, DNS, FTP, etc.), networking protocols (TCP, UDP, ARP, ICMP, etc.), and be comfortable analyzing packet capture (pcap) files in tools, such as Wireshark
Strong communication skills to translate complex technical concepts into plain English for consumption by non-technical audiences
Experience with forensic tools such as EnCase, Forensic Toolkit, Google Rapid Response, etc
Industry standard certifications such as CFCE, EnCE, ACE, GIAC, or DOD
Tool and script development
Experience in Healthcare or Government

101

Senior IT Security Analyst Resume Examples & Samples

1+ years of Information Technology Security experience
1+ years of experience in support activities related to a primary operating system such as UNIX, Linux, and Microsoft Windows
Experience in a large enterprise environment
Experience with Incident Management process experience

102

IT Security Analyst Resume Examples & Samples

Assessing Computer Architecture Infrastructure Design for all components associated to service(s)
Assessing Logical Access and Network Interoperability for infrastructure components in solution(s)
Identify and propose solutions and/or improvements to architecture for compliance
Define, document, maintain, and communicate standards, processes, and procedures as required
Possess strong understanding of industry recognized security standards for risk management
Be familiar with security solutions at network and component level
Have extensive exposure in managing security across multiple domains
Possess Project Management skills and have ability to coordinate and organize effectively

103

IT Security Analyst Resume Examples & Samples

Technical Background in security covering 2FA methods, Firewalls, IPS, IDS, DDOS, Antivirus, Hardening, Application Security, Access Control and auditing
Execute security operations ensuring that security procedures are implemented according to the procedures and rules in place
Reporting all emergency/crisis management assets providing a timely and coherent response to incidents as they arise
Provide additional operational support and guidance aligned with Global Definitions
Develop a working relationship with personnel and a comprehensive working knowledge of our clients Security system
Be able to develop a security plan to support all projects and activities within the Country of Operations
Task and guide local security teams and personnel to conduct security assessments and threat analysis as required, and where necessary provide feedback on proposed mitigation strategies for local specific threats
Assist in the design and implementation of project related security strategies, security policies/standards and establish a concrete course of action for their implementation and review
At least 3 (three) years of progressively responsible experience in security operations and information technology in a police
Proven Technical experience
Fluency in written and spoken English
Ability to work woth small and large groups of people
Security Certifications are desirable

104

IT Security Analyst Resume Examples & Samples

Demonstrated knowledge and understanding of IT security trends and emerging technologies and an ability to relate them to Stanford and its objectives
Thorough and demonstrated knowledge of networking protocols, principles, and intrusion detection devices, including firewalls and VPNs
Fundamental architecture and configuration knowledge of desktop server and operating systems
Solid understanding of security issues, techniques, and solutions
Strong experience with debugging, troubleshooting, forensics and security utilities
Basic understanding of scripting language
In-depth knowledge of authentication protocols, encryption and other fundamental security technologies
High level of integrity and excellence judgment concerning proprietary and privacy issues

105

IT Security Analyst Resume Examples & Samples

Specific experience and technical knowledge using Cisco and Juniper networking technologies
Specific technical knowledge of client and LAN to LAN ,VPN technologies
Experience with Windows Server and Oracle Linux

106

Senior IT Security Analyst Resume Examples & Samples

Lead and facilitate IT security and compliance controls assessment, testing and documenting IT security control and compliance requirements (e.g., HITRUST, HIPAA, PCI, FISMA/NIST, etc.) and across SOX domains (e.g., logical access, change management, IT operations, and application development)
Considers legislative mandates relating to information security and general computer controls are met throughout the Company
Assists in the execution of information security control reviews to evaluate IT processes compliance with published policies and standards
Prepares summaries and reports findings as needed
Reviews assessment and test results with appropriate management and provides recommendations
Monitors corrective action plans and compliance metric reporting
Acts as an expert liaison between both internal and external stakeholders on key IT security control and IT compliance issues
Represents the Company's interests on control design and compliance/testing results with external auditors, Internal Audit, other compliance areas, and with both IT and end-user process owners
Participates in information security policy development in collaboration with business partners and management
Leads IT security controls assessments of vendors
Provides training, instruction and guidance to IT workforce members and junior staff members
Contribute to ensure that the tools used by the team are properly deployed, configured and maintained
Monitor security regulations and standards applicable to the Company to identify information security risk and mitigation efforts; provide insight to ensure compliance with security related regulatory requirements (HITRUST, HIPAA, FISMA/NIST, PCI, SOX, etc.)
Provide assistance to other security teams when requested or may perform other duties in special projects as assigned
Lead in providing guidance during new system design or existing system redesigns to foster awareness of and compliance to appropriate IT and security policy and standards
Bachelor's Degree (or higher) in Computer Science, or in a computer-related field of study or High School Diploma/GED with 10+ years of experience in IT systems, IT compliance, IT audit, and/or information systems risk assessment in lieu of degree
4+ years of experience in IT systems, IT compliance, IT audit, and/or information systems risk assessment
Available to travel approximately 10% of the time
Professional certifications: CISM, CISSP, CRISC, and/or CISA
Big 4 experience
Able to work independently as well as on a team in a fast-paced, deadline-driven environment

107

IT Security Analyst Resume Examples & Samples

Minimum 2 years working experience in IT industry and Excellent knowledge in using computers
General Knowledge about the security architecture, products and concepts
English – advanced - ability to communicate effectively and appropriately with other level of support from global teams and people of other cultures
Ability to understand security alerts, establish facts and draw valid conclusions to solve the issues
Knowledge of Windows, Unix, TCP/IP, Firewalls, IDS. Understanding of security technologies including Firewalls, VPN, IDS/IPS, as well as knowledge of SOX IT Controls; Windows Update Service Version 2 and 3
Knowledge of Microsoft AD
Knowledge of SQL queries

108

IT Security Analyst Resume Examples & Samples

Experience performing forensic analysis of Windows and Unix systems to identify compromise artifacts
Malware analysis and reverse engineering
Experience in building sandbox/test lab environments to evaluate malicious code
Ability to identify actionable indicators of compromise based upon analysis of malware of forensic data
Strong research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis preferred
Minimum two years experience performing incident response with an emphasis on system compromise analysis
Experience performing security reviews/vulnerability risk assessments of network environments using both manual procedures and automated analysis tools
Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and remote access security techniques/products
Experience with enterprise anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns
Creation of tools to automate analysis of malicious binaries
Strong understanding of incident response methodologies and technologies
Ensure the confidentiality, availability, and integrity of SOC data sources

109

IT Security Analyst Resume Examples & Samples

Review logs of all security systems for anomalous behavior by user or system
Manage and maintain security systems including web proxies, IDS/IPS/, Anti-SPAM, Vulnerability Scanning and Data Loss Prevention,
Provide 2nd level support on Associates requests regarding
Participate in On Call Schedule
Participate in Incident Response as required
Requires good analytical skills
Requires great teamwork
Passion for information security
Passion for creating and implementing information technology solutions for business problems
Graduating Winter 2016 – Spring 2017
Demonstrated top caliber analytic and problem-solving skills
A 4-year degree (Computer Science or Business Information Technology preferred)
A history of achievement and aptitude demonstrated by a GPA of 3.0 or above, and/or other recognition such as scholarships, awards, and honor societies

110

IT Security Analyst Resume Examples & Samples

Identify security weaknesses in the technical and operating environment
Partner closely with system and network administrators to educate teams on information security best practices
Generate platform vulnerability, remediation, and action plan reports
2+ years’ experience with bachelors or 8+ years equivalent experience
A technical background or field of undergraduate study (e.g. Management Information Systems, Computer Science, Electrical Engineering, Network Technology and Security) is required

111

IT Security Analyst Resume Examples & Samples

Analyze malware using reverse engineering and forensic tools
Key contributor in various facets of incident response including notification, escalation response and post incident review
Ability to analyze information to identify network threats such as scans, computer viruses or complex attacks
Five years IT experience which includes networking and end-point security suites, plus 2 years of IT Security experience preferred
Understanding of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network infrastructure
Malware identification, analysis, reverse engineering and disk forensics
Network behavior and anomaly detection experience a plus

112

IT Security Analyst Resume Examples & Samples

Examine, interview, and test procedures in accordance with NIST SP 800-53A Revision 4
Ensure Agency policies are adhered to and that required controls are implemented
Validate respective information system security plans to ensure NIST control requirements are met
Familiarity with NIST requirements, particularly 800-53 revision 3 and revision 4
Author recommendations associated with your findings on how to improve the customer’s security posture in accordance with SOM PSP & NIST controls
Ability to assist team members & Vendors with proper artifact collection and detail to clients examples of artifacts that will satisfy assessment requirements
Solid knowledge of information security principles and practices, as well as an advanced understanding of security protocols and standards
2 years of experience in the IT industry, and be familiar with the applicable NIST Special Publications 800-37 Revision 1, 800-53 Revision 3 or 4, and 800-53A Revision 1
Experience reviewing IT systems/applications plus basic knowledge of networking components and various operating systems in including UNIX and Microsoft
The ability to work independently and as part of a team
Preferred that the candidate has a CISSP, CISA, PMP and/or Security+ certification
Expertise in other Security Frameworks (ISO, NIST, COBIT, HIPAA/HITECH, etc.) and regulatory requirements
Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience
Collaborate on multiple projects at a given time and experience with Vendors
Flexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid change.This position requires the successful completion of a background investigation and/or drug screen

113

Senior IT Security Analyst Resume Examples & Samples

Lead contact with regard to compliance operations within the Oracle AU Public Sector Clouds
Creates and maintains Information Security documentation such as System Security Plans and Security Risk Management Plans, Statement of Applicability and others such as Security Operating Procedures, Incident Response Plans, Business Continuity Plans and Disaster Recovery Plans
Evaluates regulatory compliance requirements and engages with a variety of cross functional teams
Key team member of engineering design and development of government cloud based systems
Evaluates and provides reasonable assurance that risk management, control, and governance systems are functioning as intended and will enable the organization’s objectives and goals to be met
Reports risk management issues and internal controls deficiencies identified directly to the Cloud Regulatory Compliance Program and provide recommendations for improving the organization’s operations, in terms of both efficient and effective performance
Evaluates information security and associated risk exposures
Evaluates regulatory compliance program with consultation from legal counsel
Evaluates the organization’s readiness in case of business interruption
Maintains open communication with management and teams across Oracle Cloud Operations
Engages with other internal and external strategic resources as appropriate; and
Evaluates applicable global standards & compliance frameworks to establish internal standards, guidelines, policies, processes, and procedures
Designs, develops and publishes internal program frameworks, checklists, policy, processes, procedures using creative publishing and editing software tools
Systematically and comprehensively documents the Government compliance program
Networking fundamentals
Experience utilizing vulnerability management and GRC tools such as Nessus, Oracle GRC, Qualys, or similar is highly preferred
Past AU Federal experience preferred
ISO 27001, IRAP, CISSP, CISA, CRISC, CISM, Security +, PMP and other security certifications preferred
Prefer 5 years relevant experience and university degree
**********************************************

114

IT Security Analyst Resume Examples & Samples

Assists in the review, development, testing and implementation of security plans, products and control techniques (e.g., password administration, intrusion detection software, data encryption, data backup and recovery)
Assists in the reporting of data security incidents and may support investigations as required
May participate in the monitoring of existing and proposed security standard setting groups, State and Federal legislation and regulations
Bachelor's degree in Computer Science or a related discipline or equivalent experience and a minimum of two years Information Technology work experience. Knowledge of security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience
Experience using FAIR model for risk assessment a plus
General audit and security experience in IT Audit and Risk Assesment
Desktop applications
Assess IT Controls
Application Risk Assesment

115

IT Security Analyst Resume Examples & Samples

Bachelor’s degree in Information Systems Security, Information Technology, Management Information Systems, Computer Science, Computer Engineering or related field
One (1) to three (3) years of information security experience
One of the following certifications preferred: CISSP, SANS GIAC, CCNA Security, CCSP, or CCIE Security
Solid understanding and demonstrated experience with

116

IT Security Analyst Resume Examples & Samples

Provides assistance and support as requested to Security Engineering, IDM Engineering, Network Engineering, Security Risk Management and/or Information Security Ops
Pursue continuing education to grow and maintain knowledge of best practices, compliance requirements, threats and trends in information security, translating into operational action items, policies, procedures, standards and guidelines as part of the IT Security team
Communicates technical information to team members
1-2 years’ experience in related job area (IT support, information security, identity/access management, IT Audit, forensics/eDiscovery) strongly preferred
1-2 years’ experience in programing or system/network operations and administration preferred

117

IT Security Analyst Resume Examples & Samples

Review and negotiate client contracts, Request for Proposals and Master Services Agreements for information security compliance and risk related issues
Monitor the legal and regulatory landscape to ensure risk and information security policies align with compliance requirements and operational effectiveness
Interpret, monitor, document and maintain corporate risk and information security policies, standards and guidelines
Keep abreast of emerging risks and technologies to ensure polices and standards address these risks
Maintains the company’s firewall and ensures utilization of encryption methods
Provides direct support to the business and IT staff for security-related issues
Strong background in security operations, processes, solutions and technologies
Strong understanding of policy, compliance, and best practice security principles
Working knowledge of Linux, Windows, and Network Operating Systems
Proficiency in project management
Results oriented, business focused, and successful at interfacing across multiple organizational units

118

IT Security Analyst Resume Examples & Samples

Experience with host-centric tools for forensic collection and analysis (FTK, Helios, SIFT, Encase, etc.)
Experience in financial services industry helpful
Detailed understanding of APT, Cyber Crime and other associated tactics
System/Application vulnerabilities and exploitation experience
Experience with malware analysis (dynamic and static) preferred
Ability to develop partnership-oriented relationships with business Executives and functional leaders, especially as it relates to operations and technology

119

IT Security Analyst Resume Examples & Samples

Ensure ANZ staff are satisfied with the security services provided by the CSIRT function
Conducts continuous improvement initiatives to uplift and mature the CSIRT function
Identification of and propose amendments of any playbook work instructions or processes which need to be amended for optimizations or regulatory requirements
(Future state?) On-going development and maintenance of rulesets in the various security toolsets operating within ANZ & MSSP
Ensure that all mandatory training has been completed to a level which ensures that you are compliant with all ANZ essential courses and any other courses which have been deemed mandatory by the business unit
Participate in cross-training skills & ensure no critical/key person risks with regards to responding to security incidents, following in-house security incident response procedures or operating any of the security toolsets that are used within the GSOC
Bachelor’s degree holder in Information Technology
Open to newly graduates

120

IT Security Analyst Resume Examples & Samples

IT Security Incident monitoring and vulnerability analysis
Communicate with various stakeholders including management at all level and vendors
Ability to present security solutions and be part of the continuous transformation of the global IT security in Novo Nordisk
Support large project and initiatives in the Infrastructure, Systems and IT security
Ensure in various engagement the Compliance requirements are met. Provide support for areas in Quality and Process for various IT Security Projects and systems
To stand up to the pressure that comes with being responsible for a global IT Security
Act as a back-up for the fellow Security Analysts when required
Identify opportunities for improvement. Demonstrate pro-activeness and ownership
Ability to perform ISSCP and manage security campaigns
Minimum 6+ years’ experience working within IT Security and have deep understanding of the principle and strategies central to enterprise IT Security
Bachelor or similar graduate degree field in Engineering, Computer Science
4+ Year of relevant IT Security experience
Technical management experience from an international service firm
Excellent communication skills in English and comfortable working with different cultures and time-zones

121

IT Security Analyst Resume Examples & Samples

Working with the Incident Response team to help create RCA’s for events escalated to incident levels
Development and execution of Standard Operating Procedures, Event Handlers and Job Aids required for successful task completion
Security Operations Center (SOC) environment experience with at least 3 years of IT to include 1+ years of related SOC and incident monitoring experience a MUST
Experience with SIEM, IDS/IPS, Firewall, Web Application Firewalls, Data Loss Prevention (DLP) and Security Event Correlation

122

IT Security Analyst Resume Examples & Samples

Manage and monitor SIEM infrastructure and other security tools for security alerts and breaches and investigate a violation when one occurs - 20%
Bachelors/4 Year Degree Or equivalent Network, Server administration/operations experience
Experience: 2-3 years of Retail environment/support experience
Working knowledge in security Concepts (Network, desktop/servers, laptop, mobile, Firewalls, DMZ's, Anti Virus, Malware, Intrusion Detection/Prevention Systems, Network Security, Penetration/Vulnerability Assessments) - Preferred
Working knowledge of policy, compliance, and best practice security principles - Preferred
Strong Analytical/Organizational/Time Management skills. Must be able to quickly conceptualize and explain new methods, processes and procedures for practical application
Strong Interpersonal and Communication Skills. Must be able to explain complex systems and technical topics to others who may have minimal technical knowledge using Oral, Written and Visual presentation
Ability to work independently or in teams, with minimal oversight, driving positive results in difficult circumstances while maintaining attention to detail
Keep abreast with latest security trends, threats, & technology developments through industry publications, alerts from security organizations and security events/seminars

123

IT Security Analyst Resume Examples & Samples

Responsible for Security Operations and Incident Response
Responsible for Forensics and eDiscovery
Identifies, evaluates, and recommends new products and technologies that align with business objectives
Develops and communicates technical, systems and application standards and ensures compliance with existing standards
Creates and maintains systems documentation for testing and validation
Performs post-implementation support, identifying root cause with strategic solutions to problems
Works with vendors to analyze and troubleshoot solutions
Contributes to the project planning of hardware and software procurement process
Leads and trains fellow IT Team members in organizational security tools and processes
Custodian of the Information Security knowledge store used by the IT Team

124

Lead IT Security Analyst Resume Examples & Samples

Bachelor’s degree in Computer Science, Business Administration or Management Information Systems or related field
Minimum of 5 years IT Security or Network Engineering experience
Strong conceptual understanding of information security theories
Strong project management and vendor management skills
Strong problem solving skills with well-organized and structured work habits
Strong skills in learning existing tool administration
Fluent in English, both verbal and written
Knowledge of Spanish, Portuguese, or Mandarin Chinese preferred but nor required
Security certifications such as CISSP, CISM preferred but not required
Deep Knowledge of Network, Application and Cloud security
Experience in working with third party security operations service providers
Experience performing forensics and investigations
Knowledge of NIST and OWASP frameworks
Excellent written and oral presentation skills
Ability to translate security concepts to the business succinctly
Excellent interpersonal skills and ability to work in a team environment with competing priorities
Ability to work within short deadlines

125

IT Security Analyst Resume Examples & Samples

Bachelor’s degree in Information Technology / Systems or equivalent work experience
4-5 years’ experience in IT with a focus on IT Security
Knowledge of industry IT security and risk frameworks and standards (NIST 800, COBIT)
Knowledge of authentication, authorization and encryption
Knowledge of the CVE vulnerabilities library, vulnerability and risk assessment
Knowledge of tiered application architectures, web applications, mobile applications, and desktop applications
Knowledge of secure application development, coding, and DevOPS with some programming experience
Knowledge of techniques for securing cloud environments and applications
Knowledge of IT operations Unix (Linux) and Windows systems administration,
Understand Windows Active Directory, LDAP
Knowledge of public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures
Knowledge about Network protocols
Understanding the Risks of mobile device use in the Enterprise (Mobile device management, securing mobile devices, Bring Your Own Device
Understanding of how to evaluate and secure Software As A Service solutions, hosted solutions, outsource providers, and other external IT solution arrangements
Certifications in IT and security (i.e. CISSP, CISA, CCSP, SANS) desirable
Excellent work ethic, self-starter, strong interpersonal skills
Willing to respond to security -related incidents (off hours) and provide a thorough post-event analysis
Expertise in setting and managing user expectations
Proactive, high energy, and strong work ethic
Ability and comfort to speak and write with people at all levels of the organization
Experience working in a matrixed organization
Ability to achieve consensus across multiple teams

126

IT Security Analyst Resume Examples & Samples

Assists Management in identifying knowledge gaps and providing training to Analysts and Technicians in the IT Security organization as directed
Responsible for processing inbound Information Security Incidents from MSSP SOC, Field teams, Site Directors, Compliance/Privacy, Help Desk, and others
Performs triage function, rerouting requests and incidents as appropriate
Responsible for monitoring, operating, and maintaining network and endpoint security systems
Processes events, data, and information output from these systems, identifying incidents as well as operational performance concerns
Performs incident research, resolution, and managed escalation, sometimes assisting in complex, high-profile incidents
Provides assistance when needed in root-cause analysis efforts to determine improvement opportunities when failures occur
Partners with cross-functional IT and business resources to effectively perform incident response tasks in support of the Information Security Incident Response Plan
1-2 years’ experience in related job area (IT support, information security, identity/access management, IT Audit, forensics/eDiscovery) required
2-4 years’ experience in programing or system/network operations and administration preferred

127

IT Security Analyst Resume Examples & Samples

At least 5+ years of hands-on experience in the IT industry
At least 3+ years of hands-on experience in IT security roles
Hands-on experience with Windows, UNIX, and Linux operating systems
Experience and knowledge of hardening systems
Knowledge of network communications systems and equipment
Practical experience in at least one common scripting language (i.e. Python, Perl, VBS)
Practical knowledge of risk management principles
Interpersonal skills to maintain constructive employee relationships in an adverse environment
Analytical and problem-solving skills to facilitate and resolve complex business problems

128

IT Security Analyst Resume Examples & Samples

Establishing and implementing cyber protections as prescribed by the Southern Nuclear Cyber Security Plan
Designing, developing and implementing cyber security products and procedures
Providing cyber security expertise and consulting
Bachelor’s degree strongly preferred. Equivalent experience will be considered
Knowledge and understanding of information security concepts and best practices
Extensive experience with network infrastructure, modern operating systems, database applications, web applications and other computing technologies
Experience with cyber security regulation as it applies to the nuclear energy and utility industry
Industry certification preferred (CISSP, CISA, CISM, GIAC)
Knowledge of the Nuclear business, Nuclear Plant Operations, and Nuclear Plant Control Systems desired
Plant Instrumentation and Controls (I&C) experience is a plus
Understand, relate and transform cyber security regulatory requirements into cyber security policy, standards, procedures and guidelines
Architect strong technical security solutions for new and existing plant control system environments
Assist in the ongoing development of Southern Nuclear’s cyber security architecture – identify areas of opportunity, research alternatives and recommend solutions
Ensure new products and technologies conform to cyber security policies, standards and best practices
Partner with others to identify and resolve cyber security issues
Plan, coordinate and lead cyber security projects
Help business customers understand and apply cyber security concepts, processes and technologies
Maintain current knowledge of cyber security concepts, technologies and practices
Work closely with Nuclear Engineering, IT Security, IT Infrastructure Services, Plant Contacts, team leads, and customers to ensure all work assignments are completed on time and with the highest level of quality

129

IT Security Analyst Resume Examples & Samples

Contributes frequently to team knowledge base
Documents work performed
Interacts with security architecture as necessary to understand, apply, and enforce security requirements
Provides increased availability during inclement weather conditions
Assists or leads project oriented firewall deployments
Adheres to proper Change Management requirements and processes
Responds to Incidents in a timely manner
Leads investigation/troubleshooting efforts during service disruption events
Bachelor's degree in Computer Science or a related discipline or; OR 4 years or more of equivalent direct work related experience in lieu of a degree
Three or more years of relevant work experience in addition to a degree
Working understanding of security principles – desires to improve security posture of enterprise
Experience troubleshooting network traffic
Working knowledge of NAT principles and troubleshooting
Working knowledge of DNS and DHCP
Associates or Bachelor’s degree in Computer Science or related discipline
Five or more years of relevant work experience in Information Technology
Strong TCP/IP foundational knowledge
Experience with Firemon
Compliance experience (PCI/SOX)
Experience with Syslog, TACACS, Radius, and SNMP
Ability to troubleshoot network traffic in IPv6 environments
Ability to identify improvement opportunities and solutions
Ability to identify process deficiencies and recommend solutions
Demonstrated commitment to personal and team success
Ability to perform self-directed work

130

Senior IT Security Analyst Resume Examples & Samples

Create content in an agile fashion using a kanban methodology that meets established SLA’s
Utilize the DFIR Content Governance to ensure all content is compliant to DFIR process
Utilize the DFIR Content Governance site to ensure all custom content is inventoried and aligns to naming standards and best practices
Manage the lifecycle of all content which includes ensuring at least quarterly review of all content to ensure it is working as expected and is still needed
Able to work with primary and secondary stakeholders to create content, dashboards, or reports that meet their requirements
Engage with owners of new technologies that are entering ESI to ensure content is compatible. For example migrating from server 2003 to 2008 and content that utilizes event code triggers
Bachelor’s Degree with 5+ years of experience; 11+ years with no degree or equivalent combination of education and experience required
Minimum 5 years of general IT experience with a variety of operating systems including Windows, Linux or UNIX in a functional capacity preferred
Minimum 3 years working as a Security Operations Center engineer leveraging Splunk to create custom content including but not limited to; alerts, reports, dashboards, and application research
Minimum 1 years working as a Security Incident Response professional recommended
Ability to work both independently and as part of a team with little supervision
Ability to create splunk custom queries, reports, dashboards, visuals, and alerts. Must be intermediate to advance (3+ yrs direct experience minimum)
Ability to research and recommend splunk technical addon’s and applications to accomplish a goal (3+ yrs direct experience minimum)
Ability to work with large data sets (3+ yrs direct experience minimum)
Understand windows logging taxonomy and event ID’s (1+ yrs direct experience minimum)
Previously an intermediate windows system administrator (1+ yrs direct experience minimum)
Must be process and detailed oriented
Ability to work in sharepoint and MS office
Familiar with agile concepts
Familiar with Incident Response concepts
Ability to fully utilize MS Office products required
Experience with one or more scripting languages such as Perl, Python and PowerShell required
O o

131

IT Security Analyst Resume Examples & Samples

Experience performing forensic analysis of Windows and Unix systems to identify compromise artifacts (3+ years)
Strong research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis
Experience with log management and/or SIEM technologies such as Splunk, ArcSight, and LogLogic
Experience with databases and SQL
Scripting and programming experience (e.g., Python, Perl, Assembly Language, Shell Scripting)
Malware analysis and reverse engineering, creation of tools to automate analysis of malicious binaries
Technical certifications considered an asset are: CISSP,GCIH, GCIA, GCFA, GPEN, GCFE, CCNA, CCNP

132

Senior IT Security Analyst Resume Examples & Samples

Privacy Program
FISMA/NIST based security assessments of infrastructure (e.g., Active Director, Windows Server, UNIX, SQL Server, SharePoint) and business applications (COTS and in house developed)
SOX General Computing Controls testing
PII knowledge
Policy writing
IT Enterprise Risk Management
RSAM Database knowledge

133

IT Security Analyst Resume Examples & Samples

Expert level hands-on experience with IT infrastructure comprising various OSes, database security and distributed computation platforms
Strong security expertise
Good command of technologies like Access management, Encryption, Logging software, Webservers
Outstanding project and process management skills
Exceptional English verbal and written communication skills
Creative problem solver and natural entrepreneur; comfort with ambiguity
Can handle both technical and business aspects of hosting and support
Pragmatic approach / Solution minded
Top notch security and confidentiality standards

134

IT Security Analyst Resume Examples & Samples

Defining the scope for security compliance and vulnerability testing
Managing and performing a variety of technical security assessments against infrastructure, applications and devices
Producing security test reports and risk treatment plans written in context to meet the needs of the business
Progressing remediation treatment plans with operational teams
Providing verbal and written updates to internal teams and the customer at all management levels
Assisting colleagues within the Operational Security Team with various other security activities such as protective monitoring and incident management

135

IT Security Analyst Resume Examples & Samples

Native RACF experience required
Mainframe knowledge and experience required
Ability to write and submit JCL required
Familiar with IBM tools (for example: ICETOOL, DFSORT, etc.) required
REXX and SAS experience required

136

IT Security Analyst Resume Examples & Samples

Build and maintain the processes and systems utilized for security event management and incident response
Build and tune use cases and reporting for security event monitoring
Perform investigations of security incidents and escalate as appropriate
Coordinate the IT Security incident response process
Catalog and inventory vulnerability data for prioritization and remediation
Keep detailed records of security events and incidents
Provide supporting materials for audit and regulatory requests
Coordinate the relationship with a Managed Security Services Provider (MSSP)

137

IT Security Analyst Resume Examples & Samples

Operates formalized IT Security programs and processes such as Patch Management and Security Requests
Supports the technical execution of IT Security programs such as Incident Response and Event Monitoring
Researches and prepares periodic and ad-hoc reports of IT Security program execution
Performs ongoing research of IT Security related topics
Acts as the liaison among stakeholders to review, document, and communicate system activities to ensure access assignments or requests are completed consistent with service level and IAM information security standards. Drives processes to understand security access requirements and develops role models and standards for IAM processes
Analyzes root cause to recommend resolutions for provisioning and de-provisioning activities in accordance with security standards, policies and procedures
Performs peer review role validation and analysis
Required An Associate's Degree in Computer Science or IT related field
Required or equivalent work experience 1 additional year of relevant work experience may be substituted in lieu of degree
Required 3+ years of experience in Active usage and/or support of Information Security systems and activites
Preferred Other Healthcare experience
Advanced Ability to multi-task
Intermediate Demonstrated problem solving skills
Intermediate Demonstrated analytical skills
Intermediate Ability to work as part of a team A history of working in collaborative, team-oriented environments with a commitment to results and a proven track record of accomplishments
Intermediate Other Strong decision making skills
Required Advanced Microsoft PowerPoint
Preferred Intermediate Other Intrusion detection systems
Preferred Intermediate Other Active Directory
Preferred Intermediate Other SIEM tools
Preferred Intermediate Other IAM software (Sailpoint, Oracle)

138

IT Security Analyst Resume Examples & Samples

LDAP experience (OpenLDAP, Active Directory, eDirectory, etc.), RADIUS (including vendor attribute awareness), and SAML. Experienced in Identity and Access Management technologies. Prefer experience in federation between ldap environments as well
Cisco IOS on firewalls and switches, Cisco AnyConnect, Juniper Firewalls. In addition, experience with network routing principles and philosophies
Configuration Management on platforms such as Chef and/or Puppet
Database Management (MySQL, Oracle SQL, etc.) including installing, tuning, and maintaining
Expected to install, configure, tune and maintain servers in a highly available and scalable environment, working with multiple hypervisor technologies and building disaster recovery solutions
Good written and oral english communication skills
Experience with various security technologies such as IDS, proxy, taps, SIEM

139

IT Security Analyst Resume Examples & Samples

Analysing network, application and system log events in order to identify any potential abnormal system behaviours
Raise any incidents for investigation
Keep up to date with evolving cyber threats and identify any new and sophisticated methods of detecting them
Monitor and analyse event logs within a SIEM Environment using LogRhythm
Initiate escalation procedure to counteract potential threats/vulnerabilities
Provide Incident remediation and prevention advice
Adhere to processes related to security monitoring
Provide customer service that exceeds our customers’ expectations
Ensure only authorised access to systems has been adhered to by investigating improper access; revoking access; reporting violations
Monitor and report upwards of any security implications identified as part of Security monitoring
Experience in information security concepts, practices and processes

140

IT Security Analyst Resume Examples & Samples

Responsible for vulnerability scanning architecture, system security designs, implementation and management of information security systems and/or programs for the protection of the environment
Maintains vulnerability management systems
Identifies opportunities and executes plans to improve work-flow and understands, quantifies business impacts of those improvements for communication to management

141

IT Security Analyst Resume Examples & Samples

Understanding of information security risk management concepts, frameworks and industry standards
Experience designing and implementing innovative technical security solutions, processes and services is necessary
Experience in large organizations interfacing with various governance and customer organizations is a must
Candidate should be very comfortable developing technical strategies to address the needs of very diverse set of internal and external set of customers
Candidate should have experience interfacing with executives across a large information technology organization, interfacing with multiple oversight organizations and collaborating across organizations to achieve goals and objectives
Broad technical background in infrastructure and applications – especially Oracle components – with the acumen and ability to interpret technical specs and architect solutions
Deep security technical knowledge of and administration experience, considering security options and tradeoffs, etc
Excellent communication skills, analytical capability, judgment, self-driven, multi-tasking, proactivity, and willingness to adapt to change in dynamic, global environment are critical
5+ years of IT Security experience across multiple hardware platforms, technologies, OS’s, software, and applications
Certified Information Systems Security Professional (CISSP) certification must be in hand or in progress
Certified Cloud Security Professional (CCSP), GIAC Certified Incident Handler (GCIH), Certified Information Systems Auditor (CISA), and Certified Information Security Manager (CISM) certifications are a plus
Candidate must reside in United States

142

Senior IT Security Analyst Resume Examples & Samples

Apply patches where appropriate and, at the direction of the Security Manager remove or otherwise mitigate known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards
Locate and resolve security problems and failures
Perform normal and exceptional processing of change requests, escalating such requests when appropriate
Partner with the IT Infrastructure team to develop, plan, and implement specifications for network and distributed system security technologies in support of key information systems
Assist in the oversight of firewalls, intrusion detection systems, switches and routers
Support data encryption deployments, including key management
Technical proficiency with security-related systems and applications, especially Splunk, Exabeam, Cyber-Ark, Varonis DatAdvantage, IBM Guardium, Palo Alto, Cisco Ironport and Tenable SecurityCenter
Three plus years of related experience in IT Security, IT Infrastructure, or IT Audit
Security or audit-related certifications (CISSP, SSCP, CISA, CISM, GIAC)
Experience in an asset management or other financial services firm a plus

143

IT Security Analyst Resume Examples & Samples

Designs, specifies, implements, codes tests and maintains automated and manual processes in support of business needs and/or corporate strategies. Securely configures and documents computer programs. Acts as liaison between division implementation teams, division process owners and implementation sites while eliciting requirements for process improvement
Works with customers to understand their business processes and needs while managing expectations within the scope of existing business strategies. Participate in projects such as new systems, new facilities to ensure security standards are recognized and implemented. Conduct quality assessments of IT security systems and business applications
Contributes to the design, development and implementation of common information security processes for Cyber Security Incident Response Team (CSIRT)
Identifies security exposures that currently exist or are emerging, and that create potential threats to Baker Hughes infrastructure, systems or data. Notifies leadership of potential or existing threats and proposes risk mitigating strategies
Performs computer forensics for Windows and UNIX based operating systems
Understands network forensics in order to identify lateral movement and threat vectors related to a cyber-event
Works closely with the Cyber Security Operations Center (CSOC) to assists in the monitoring, compliance and effectiveness of implemented security controls and makes recommendations to improve
Assesses present cybersecurity related technical controls and recommends additions or modifications where appropriate to increase defensive posture. Recommends future direction in order to fill existing or emerging gaps as they are known to exist
Engages at all levels of Business and IT Functions as deemed necessary based on the type and severity of a Cyber Incident

144

Senior IT Security Analyst Resume Examples & Samples

4+ years of experience in security engineering, penetration testing, and/or technical operations (with at least 2 of those years in a security-related role)
Excellent troubleshooting and problem solving skills
Extensive hands-on knowledge of system administration and Linux/UNIX operating systems
Ability to effectively juggle many tasks and projects in a fast-moving environment

145

IT Security Analyst Resume Examples & Samples

Support and participate in programs to protect the Confidentiality, Integrity and Availability of the organization's technology infrastructure and information resources
Review existing applications periodically and new applications prior to installation to ensure that the applications adhere to IT security policies and procedures. Perform detailed risk analysis assessment of applications, networks and systems
Assist with the audit of existing systems, Windows, security monitoring, firewall, intrusion detection and remote access logs, scrutinizing network traffic, monitoring the company's virus protection procedures, ensuring adherence to IT security policies, coordinating responses to detected intrusions
Under direction, respond to security incidents related to servers and network devices. Perform regular security audits of critical information security systems and generate appropriate supporting documentation. Assist with comprehensive security reviews of applications addressing all layers
Support the Company’s patch management procedures to ensure all systems are in compliance with required updates
Monitor performance and activity of information security systems and services
A Bachelor of Science degree in Computer Science from an accredited college or university is required or equivalent direct experience
A minimum of 3 year’s experience working with the Network Infrastructure and at least 2 years’ experience in IT security controls and monitoring
Experience with Active Directory security and administration
Experience with network security management tools; vulnerability scanning and remediation; security information event management (SIEM); and tools to defend against and/or respond to attacks when they occur
Experience working with security mechanisms and monitoring systems
Experience investigating security events and determining which events are, and which are not, incidents
Knowledge of use of tools similar to Tripwire, Nessus, EnCase, Tizor Mantra, Wireshark, etc
Must have strong written communications skills and the ability to prepare formal reports and metrics. Must have the ability to communicate technical issues to various audiences and develop trust and good working relationships with all IT support personnel

146

IT Security Analyst Resume Examples & Samples

Primarily work with and assist the Chief Information Security Officer to grow the IT Compliance and IT best practices capabilities for Red Ventures
Become the lead person to track Red Ventures’ compliance with various partner contracts and requirements
Understand the business, design and execute audit programs, execute testing, analyze findings, report writing and presentation to the business, as well as participating in corrective action planning, and tracking issues through remediation with the business owners
Document and assess the design and operating effectiveness of controls and processes to meet established business objectives or security concerns in the IT and network groups across the business
Facilitate meetings with Technology and Network owners to discuss and understand processes and conduct risk assessments to identify and understand the business and related IT Risks, internal controls which mitigate these risks, and related opportunities for internal control improvement
Have Fun
3 - 5 years of current or former hands-on IT experience in IT operations, development or similar disciplines as a foundational basis
2 to 4 years working with and strong familiarity with one or more IT Standards such as SSAE SOC2, ISO 27001, PCI, COBIT and similar
Have proven and excellent verbal and written communication skills. E.g., you can talk to normal people about IT in a way they can understand. You also need to be concise and clear when creating documents and responding to requirements
Ability to manage multiple tasks and responsibilities, work alone or in small teams, achieve established goals and objectives, and communicate progress in a timely and meaningful manner
Ability to understand information security and network risks, with strong technical background and knowledge of Information Technology and security, including Linux, Windows and networking environments
Experience in Internal or External Audit in the IT Risk and Compliance space
Ability to respond in kind to and appreciate the puns offered by the CISO

147

IT Security Analyst Resume Examples & Samples

Daily assessment of new vulnerabilities identified by the third party provider Evaluate, rate and perform risk assessments on assets
Prioritizing vulnerabilities discovered along with remediation timeline(s)
Send and receive notifications with SMEs of vulnerabilities within the environment
Continue to assist improving the overall effectiveness of the platform assessment and response process
Provide reporting, analysis and follow up
Review and quantify the weekly vulnerability scans of the external infrastructure Interact with global teams
Maintain knowledge of the threat landscape
Provide vulnerability analysis and produce reports for management
Attributes of our global professionals include: a dedication to client service, the ability to think in complex and ever changing situations, strong communication skills and the ability to solve problems, execute and transfer knowledge
Hold a BS / BA Required in Computer Science, Engineering, MIS
Dynamic scans, static scans and penetration testing experience a plus
Security architecture and Project Management experience a plus
Knowledge of application/system/network vulnerabilities and experience with vulnerability feeds and reviews (iDefense, DeepSight, etc)
Experience in patch management
Experience working with the Archer platform
Good understanding of operating systems Experience with Microsoft patch Tuesday
Knowledge of vulnerability scoring systems (CVSS/CMSS)
Programming and or developer experience/background
Knowledge of monitoring tools
Innovative, client and efficiency focused

148

IT Security Analyst Resume Examples & Samples

Implement and support the proper deployment and management of solutions that support information security including virus detection, malware detection, encryption, intrusion detection and prevention systems, network and web application firewalls, and other security solutions
Evaluate, recommend and integrate new security technology, controls and tools by conducting feasibility studies and proof of concepts
Monitor/tune intrusion detection, firewall, and security event monitoring and vulnerability assessment tools
Identify security risks and work with teams to mitigate those risks
Perform on call services (after normal business hours) for security and network related issues/concerns
High School Diploma or G.E.D. and Bachelor’s in Computer Science/related field
3-5 years of related experience in Systems Administration experience primarily focused on Security and Networking
Ability to lead and offer ideas and direction
Ability to teach and coach other employees
Ability to make decisions, trouble shoot and problem solve
Ability to plan, organize and coordinate efficiently

149

Senior IT Security Analyst Resume Examples & Samples

Contribute to the development, implementation, and maintenance of enterprise security policies, standards, and processes that help identify and mitigate security risk
Contribute to security risk identification, classification, and mitigation processes
Monitors, tracks, and reports on compliance to security requirements and works with the responsible parties to drive timely remediation
Contribute to the development of security metrics. Track, analyze, and report security metrics and propose countermeasures to address security trends that are not in line with the desired risk profile
Advise departments on security regulatory requirements, enterprise security policies, and security best practices. Contribute to and provide security training and awareness to enterprise personnel
Contribute to and manage security projects and initiatives and ensure the desired outcomes are delivered on budget and on schedule
Oversee and lead the development of technical security standards for various technologies such as network architecture, operating systems, databases, directory services, web services, mobile computing etc
Conduct security risk assessments that analyzed both security controls and technical vulnerabilities
Supports the development and maintenance of all documentation related to network, systems operations and disaster recovery
Works with other functional IT areas on project related activities including the development and maintenance of disaster recovery ability for all critical software and hardware systems
Assists in conducting technology research and feasibility studies / testing for new technologies
Develops and maintains documentation for all assigned responsibilities
Execute and assists in the deployment, monitoring, maintenance, upgrade, and support of IT security systems, including IPDS, Log Monitoring and Correlation, End Point Security, Next Generation Firewalls, Vulnerability Analysis and System Hardening
Manages Incident Response program
Bachelor's Degree from an accredited 4 year university
Minimum 3 years of experience in the information security, information technology, enterprise risk or compliance field
CISSP; Cisco CCNA - Security
Expert knowledge in Security policy frameworks and control design including managing policy exceptions, identify compensating controls and remediation action plans
Hands-on experience with a variety of information security technologies
Strong functional knowledge of information security such as GRC, vulnerability scanning tools, Access Control Systems, IDS/IPS, Log Management / Correlation, Authentication (including SSO / DFA), Encryption, Cloud (Private / Public / Hybrid) and associated technologies. Working knowledge of physical security controls
Strong knowledge of networking and systems architecture. Experience implementing network, applications, web services, database, and operating system security configurations
Advanced technical understanding of network relates protocols and services (TCP/IP, DNS, DHCP etc.)
Experienced in End-user Security Training
Experienced in Disaster Recovery Programs
Must be team player and exceptionally customer service oriented
Excellent understanding of organizations goals and objectives
Good communication skills (verbal and written)
Must be very organized and self-motivated / independent worker with keen attention to detail and follow through
Ability to prioritize and execute tasks in high-pressure environment
Frequent work outside regular business hours to facilitate system upgrades / rollouts

150

IT Security Analyst Resume Examples & Samples

Ability to review log files for anomalous activity
Ability to understand vulnerabilities and security concerns associated with different types of devices and software
Understanding of basic security controls and principles such as access control using least privilege, data protection using encryption, vulnerability management, identity management, endpoint protection, social engineering, etc
Security+ or equivalent
IT, Windows, Linux and troubleshooting skills a plus
Insurance or financial services industry experience a plus

151

IT Security Analyst Resume Examples & Samples

Perform daily tasks using all security solutions and technology used in cyber security to provide protection and regulatory compliance
College degree with a concentration in computer science, technology, accounting or business or equivalent combination of education and experience. Minimum of 3 years experience in I/T including 1 year in applied cyber security
Ability to excel in a team environment. Should possess a broad knowledge relating to I/T infrastructures and have in-depth and up-to-date experience with multiple operating systems and desk side integration

152

IT Security Analyst Resume Examples & Samples

Minimum of 2 years hands on experience managing firewalls (Any firewall)
Minimum of 2 years hands on experience managing client and PtP VPN’s
Minimum of 2 years hands on experience managing authentication (i.e. RADIUS, ADFS, TACACS, Diameter, etc.)
Solid experience and ability to analyze packet captures
Development and management of Information Security Policies a PLUS
Endpoint security – i.e. anti-malware / malicious code mitigation (Trend)
PKI / SSL Certificate
Single Sign-On (ADFS / SAML)
Log Management & analysis (SPLUNK)
Domain registration / DNS management knowledge
Proxy server operation knowledge (Zscaler External Proxy)
Server admin (MS and Linux)

153

IT Security Analyst Resume Examples & Samples

Assist OMCS Sales organization in reviewing prospect's security and compliance requirements; making recommendations tied to OMCS standard security/compliance controls or to add Enhanced Security Services
Design and implement Web Application Firewall services
Collaborate with OMCS Security Operations, OMCS RM Threat management and IT sec ops teams in optimizing Web Application Firewall monitoring and management services
Provide product feedback to the vendor and conduct product evaluations for competitive solutions
Manage service related documentation and offer technical trainings to support teams

154

IT Security Analyst Resume Examples & Samples

Tracks all AFRC Project IT Security plans and helps ensure that they are complete and meet the agency Authorization and Accreditation (A&A) Package requirements
Assists in the development and input of IT Security Plans into the Agency database, to include formatting, proofreading and uploading supporting documents
Ensure all signatures are gathered and appropriate documents are uploaded in ITSC prior to and following A&A audits
Assist in the development of common responses to NIST Special Publication 800-53 Rev. 4 controls. Update all Security Plans with new common responses
Act as liaison between System Owners (SO) and A&A Office (AAO) on changes to controls and subsequent security impact on system
Provides SO guidance on providing the information required for the A&A Package and working with the Center's IT Security Office to ensure that all internal and external reviews are completed on schedule
Keep and monitor checklist of items that must be completed prior to audit on behalf of System Owner. Send out weekly reminders to ensure all items are completed
Focal point for scheduling Assessments to include contacting the auditor, assisting with the system sizing and pricing document, arranging for meeting rooms and office space for the auditor, ensuring vulnerability scans are scheduled, completed, and uploaded to Agency database prior to visit per stated requirements of auditor
Track all open Plan of Action and Milestones (POA&M) for each supported security plan and follows up on all POA&M items weekly. Produce monthly and quarterly status of POA&M items. Coordinate creation and approval of POA&M deviations and extensions for all Security plans
Notify AAO of potential non-compliance for key milestones for all security plans
Track contingency plan test dates for all Security Plans and ensure that each system owner completes a contingency plan test annually, prior to the due date
Work with Project Engineers, IT Security and System Administrators to document IT Security System, hardware, and software configurations. Ensure documentation is updated whenever configurations change; follow configuration control policies and procedures. The following are some of the more common required documentation that will need the ITSE support: IT Security Plan, IT Security Risk Assessment, IT Security Controls, Assessment and Authorization, and NASA Information Technology and Institutional Infrastructure Program and Project Management Requirements Document
Security+ preferred

155

Senior IT Security Analyst Resume Examples & Samples

10 years’ experience in IT Security
Masters’ degree from accredited university in Computer Science (or related field) required
Experience with CISSP, CAP, Security+, Network+
A keen interest in security and the need for the Confidentiality, Integrity and Availability of information and information systems to be maintained
Must have broad technical knowledge and expertise the following areas: network devices, server operating systems (Windows/Unix), desktop operating systems, application system administration, application implementation and support
Must be able to plan, design, write, and administer information security policies and procedures
A sound understanding of technology, including: networks, firewalls, malware, hacking and vulnerability techniques, software development processes and agile practices
Network Architect Support: Must have expertise level knowledge and experience on the following IT security categories: Network security, access control, vulnerability management, security policy and procedures, security tools, BCP/DRP, hardening, security monitoring and security compliance
Expertise in Network Security and Firewall Security, should be able to understand “as is” and recommend “to be” network and firewall security
Strong communication skills – able to explain matters that are often complex and obscure to non-specialists and, good at listening and sensitively interpreting others
Confident and trustworthy – keen to earn the respect and trust of, and inspire, others

156

IT Security Analyst Resume Examples & Samples

Performs accurate, timely, and compliant access provisioning and de-provisioning
Serves as SME for identified components of the team. Supports team and management in identifying necessary process/policy development and implementation
Identifies and implements process enhancement opportunities, assists in facilitating day to day team functions
Uses in-depth knowledge and experience to provide technical leadership in evaluating current environments, identifying risks and gaps, and recommending appropriate short and long term mitigating solutions
Assists in efforts to develop standard practices, components, guidelines for use of complex technology components
Participates in resolving urgent and high production incidents. Participates in actions to determine root cause of problems and drive resolution
Participates in publishing, monitoring, and mandating information and computer security policies and security awareness information and programs
Participates in and/or schedules periodic security assessments across multiple platforms/networks
Maintains and supports systems to protect data from unauthorized users
Identifies, reports, and resolves security violations. Participates in resolving urgent/high priority incidents and uses skills and expertise to determine root cause and drive resolution
Performs complex security resource and access rule maintenance. Develops and implements security monitoring and violation reports that identify attempts to access unauthorized material
Leverages prior knowledge, skills, experience and solid judgement, to plan and accomplish goals
Equally effective in both working independently with minimal guidance, and participating in or facilitating team activities
Requires bachelor's degree in area of specialty (e.g. Computer Science, Information Technology) and 2-5 years of experience in Identity & Access Management, and/or other IT Security related fields
Excellent working knowledge of Active Directory, and of ITSM/IAM standards, methodologies, and best practices, Ability to develop and communicate process change to help organization move towards best practice, and to increase organizational process maturity
Microsoft Office and ability to adapt to ESI proprietary systems
Ability to provide supportable solutions to a wide range of difficult problems; solutions are innovative, thorough, practical and consistent with organizational objectives

157

Senior IT Security Analyst Resume Examples & Samples

Information Security Policies, Procedures standards and Best Practices
Incident Management and Response
Disaster Recovery planning as required
Third Party Security Reviews
Information Security Audit and Test Support
Data Classification
IT Records Retention
Manage SDLC as required
Ensure HIPAA compliance throughout IT security is a plus but not required
Strong coordination skills
Aptitude in solving problems independently
Process and project management experience, a plus
Sound decision-making ability Will abide by departmental policies and procedures, including authority levels,
Understanding of frameworks and standards, such as SANS Institute Critical Security Controls, ISO/IEC 27001/2, COBIT 5, NIST, OWASP, and Risk Management Frameworks, as well as Privacy Act and other rules and regulations
Understanding of cyber-security principles such as encryption ports, protocols & services, policies, procedures, physical security, risk management, configuration management, ethics, access control, security architecture, continuity of operations, contingency planning, application security, etc

158

IT Security Analyst Resume Examples & Samples

Maintains and develops procedures and documentation that support PPL’s compliance with NERC CIP-009, Recovery Plans. Directly supports demonstrations of compliance during audits
Develops and delivers Business Continuity and Disaster Recovery drills that allow PPL the opportunity to test and improve plans
Provides high level research on internal projects, recommending strategic directions and plans that address company-wide security issues. This includes projects related to Critical Infrastructure Protection (CIP) implementations
Develops, coordinates and implements disaster or emergency recovery procedures for information systems and computer environment
Develops, coordinates, and implements disaster recovery testing procedures and requirements and ensures applications are meeting DR/BC requirements
Bachelor's degree in information security, computer science, math or business related field or an alternate combination of education and experience which results in equivalent job knowledge
At least 3-5 years’ experience in IT with emphasis in Business Continuity or Disaster Recovery that includes planning, monitoring, and executing tasks such as Business Impact Analysis,determination of Recovery Time Objectives (RTO)/Recovery Point Objectives (RPO), disaster recovery testing procedures, and disaster recovery testing coordination
Skills in effectively adapting to rapidly changing technology and ability to apply it to business needs and to merge multiple tools together to solve problems
Strong analytical and problem solving background; good project management skills with ability to multitask and manage multiple small projects in a cross-functional environment
A successful academic or work background indicating a demonstrated ability to absorb information, apply conceptual skills in practical applications, achieve desired results in a highly technical, operating environment
Incumbent must effectively deal with the rapid technological and business change while maintaining enthusiasm and displaying sound judgment and common sense
Engineering, Information Systems or Computer Science degree
Experience with and knowledge of NERC/CIP standards
Certifications such as CBCP, CBCI, C/DRE, CBCM, or EDRP
Membership in Business Continuity Institute (MBCI)
Familiarity with Fusion Framework Risk Management System

159

IT Security Analyst Resume Examples & Samples

Provide support to the Vulnerability Management team, providing governance to all the Vulnerability Management work-streams for Web Applications, Host OS patching (Server & EUC), Applications, Database and middleware
Managing intake and vetting process for customer requested scan jobs. Reviewing requests for completeness, facilitating the collection of any missing information
Primary technical contact for all VM scanning tools across enterprise, which will includes setting up, configuring, scheduling and executing VM scans
Collaborate with developers, development managers, technology peers, and business contacts to identify security vulnerabilities and risk mitigation strategies
Develop actionable data that can be consumed by the business to help mitigate and remediation vulnerability risk as it relates to our vulnerability scanning data
Research new strategic tools and processes to enhance and advance our vulnerability management program
Associate’s Degree required; Bachelor’s Degree preferred
7+ years of relevant IT experience
3+ years of IT security experience
2+ years Experience with various operating systems, Unix, Linux and Windows Server/Workstations

160

IT Security Analyst Resume Examples & Samples

Ensures compliance with and provide input to security policies, standards and procedures. Conducts all tasks in accordance with the requirement to comply with security controls
Designs key security processes and initiatives with minimal technical direction
Collaborates with appropriate customers and peers to understand business requirements and define secure requirements and/or solutions
Researches and provides input to customer and internal security strategy
Takes initiative and drives assignments to completion. Monitors progress of self and others and redirects efforts or asks for help when goals are not being met
Receives assignments in the form of tickets or use-cases and determines the process and scheduling of execution
Identify changes that will affect information security policy, standards, and procedures and recommends appropriate changes
Participates in special projects as assigned
Prepare status reports for management on security matters and develop security risk analysis scenarios and response procedures
Bachelor's Degree required in Computer Sciences, Information Technology or related field
5+ years of experience in architecture, network, infrastructure and / or security
One or more of the following (preferred but not required); CISSP, CISM, GIAC

161

IT Security Analyst Resume Examples & Samples

Manage and develop endpoint security systems and processes
Minimum of 6 years of experience working in IT
Minimum of 3 years of experience with managing endpoint security tools (anti-virus/anti-malware applications, vulnerability management tools, mobile device management tools, etc.)
Understands industry best practices for securing desktops, laptops, and mobile devices
Bachelor’s Degree in Computer Science, Information Systems, or another related field desired
CISSP, SSCP, GIAC, or other security certifications desired

162

IT Security Analyst Resume Examples & Samples

Understanding of information security risk management concepts, frameworks and standards (ISO 27001)
Broad technical background in infrastructure and applications –especially Oracle components – with the acumen and ability to interpret technical specs and architect solutions
Ability to look into details, and conduct structured assessments for the business and work towards enhancing business operations
10+ years IT experience which includes Information systems audit, information security, IT Security management, and understanding of other infrastructure IT areas
ISO 27001 LA
Certified Information Systems Auditor (CISA), and Certified Information Security Manager (CISM) certifications are a plus
Candidate must reside in India

163

IT Security Analyst Resume Examples & Samples

Identify compromised computers using logs, live response, and related computer centric evidence sources
Serve as an escalation point to Event Analysts for complex or sensitive incident handling
Provide technical team leadership to Event Analysts as required
Advise management on the effectiveness of established operating procedures and recommend modifications where appropriate
Perform HR and Legal investigations as needed
Minimal travel as needed
Excellent Organizational skills and the ability to see Incidents to their conclusion
Additionally, it’s preferred that candidates for this position have
3 years’ experience in any of the following

164

IT Security Analyst Resume Examples & Samples

Achieves customer service objectives by contributing customer service information and recommendations to strategic plans and reviews; preparing and completing action plans; implementing production, productivity, quality, and customer-service standards; resolving problems; completing audits; identifying customer service trends; determining system improvements; implementing change
Meets customer service financial objectives by forecasting requirements; preparing an annual budget; scheduling expenditures; analyzing variances; initiating corrective actions. To also include processing vendor invoices and payment plans
Determines customer service requirements by maintaining contact with customers; visiting operational environments; conducting surveys; forming focus groups; benchmarking best practices; analyzing information and applications
Improves customer service quality results by studying, evaluating, and re-designing processes; establishing and communicating service metrics; monitoring and analyzing results; implementing changes
Maximizes customer operational performance by providing help desk resources and technical advice; resolving problems; disseminating advisories, warnings, and new techniques; detecting and diagnosing network problems
Accomplishes information systems and organization mission by completing related results as needed
Perform services to assure the safety and protection of Oracle Corporation property and personnel against injury or death, molestation, harassment or intimidation and loss or damage from any preventable cause including fire, theft, embezzlement, damage or destruction, trespass, espionage, or sabotage
Support Oracle's Global Physical Security Operational Center Technology and Systems 24/7
Support Oracle Global Physical Security Systems & Technology Throughout the Americas 24/7
Investigate Root Cause Of Alarm Events And Work On Overall Nuisance Alarm Reduction Program
Conduct Routine Systems Health Check On All Systems
Assist In Running Ad-Hoc Custom Reports From Our Various Access Control Systems As Necessary

165

IT Security Analyst Resume Examples & Samples

Monitoring, analysis, remediating and escalation of cyber security events
Running vulnerability scans and analysis results and driving findings to remediation
Enterprise experience with at least one Enterprise Operating System (Linux, Windows, etc.)
Scripting knowledge in at least 1 language (for example VBS, PowerShell, Perl, Bash)

166

IT Security Analyst Resume Examples & Samples

Knowledge of malware patterns and characteristics with an understanding of how to detect and analyze traffic generated by malware and APT
Possess a thorough understanding of all aspects of computer and network security, including such areas as firewall administration, encryption technologies and network protocols
Thorough understanding of at least two of the following skills; as well as the associated tools accompanying the skillset
2-5 years of experience in Security

167

IT Security Analyst Resume Examples & Samples

Perform real-time log analysis to provide network and data security for Dell Services clients, leveraging log correlation platforms
Utilize ticketing system and standard operating procedures for effective call processing and escalation to adhere to client Service Level Agreement (SLA)
Perform all tasks required per shift including reporting, monitoring, and turnover
Confidently communicate technical information to Dell Services client base and internal technical team members
Participate in knowledge sharing with other analysts and develop efficient customer solutions
Coordinate or participate in individual or team projects to ensure quality support for our clients

168

IT Security Analyst Resume Examples & Samples

Provide technical expertise and guidance to the methods and approaches to information assurance as well as the administration of security tools that control and monitor information security
Perform other information security functions as assigned by the customer. Must have strong knowledge and experience of information security technologies and concepts
Monitor inbox and provide immediate support to Critical, High, Urgent requests
Troubleshooting/ Investigate blocked IP, P2P violation, Access exemptions
Bachelor's degree from accredited university in Computer Science (or related field) highly desired, plus at least 2-4 years of related experience
Security+ and Network+ experience
Analytical and objective – able to elaborate on, characterize, assess and evaluate information security concepts dispassionately and rationally

169

Senior IT Security Analyst Resume Examples & Samples

Define requirements, implement and maintain National Institute of Standards and Technology (NIST) compliance for all applicable systems
Define logging aggregation, alerting, patching, backup and restoration capabilities for Industrial Control Systems (ICS), and the corporate network
Performs threat hunting, triaging, and reporting information security events
Define and implement privacy and protection of personally identifiable information
Assists with maintenance of IT General Controls (ITGC) SOX and Payment Card Industry (PCI) Data Security Standard (DSS) compliance efforts
Assists with ISO27002 compliance certification efforts
Documents security procedures and train users on such procedures
Conducts annual table top exercise and provide user security awareness training
Implement and manage Data Loss Protection (DLP) and vulnerability management program
Performs information security policy review for third party/vendor relationships and monitor the service level agreements per agreed upon terms
Leads the security incident response team through all remediation and recovery phases include working with law enforcement
Assess and implement physical security perimeter and entry controls
Assists with IT Operations request as necessary
Participates in and supports the Company’s Continuous Improvement program and projects
Performs other similar duties as assigned
Bachelor’s degree in Computer Science or equivalent relevant experience
Strong understanding of enterprise, network, system, and application level security principles
Working knowledge of NIST, ISO 27002, and/or other security frameworks
Familiarity with Industrial Control Systems in relation to utility practices for operational technologies and service delivery
Excellent troubleshooting skill
Ability to project manage and can successfully complete projects from inception to closure
Global Industrial Cyber Security Professional (GICSP) or Certified Information Systems Security Professional (CISSP) certification is highly desirable
Valid California Driver License

170

IT Security Analyst Resume Examples & Samples

Responsibility for cyber-security operations such as; Firewalls, IDS/IPS, Antivirus – Endpoint protection, BotNet-CnC/APT Detection, Vulnerability Scanners, Log Aggregation and Analysis/SIM/SIEM, Data Analytics, and Security Intelligence
Works closely with security architect, enterprise architects, other functional area architects and security specialists to ensure adequate security solutions are in place throughout all IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements
Experienced in the development of processes and procedures around security event
Lead the CERT in simulations and cyber-Security response exercises across the organization
Act as an IS/IT liaison throughout the organization in support of Tate & Lyle cyber-security response and cyber-incident management
Instigate the cyber-security incident response process and execute decision authority to the extent of the role within the process
Ensure execution of the incident response process to the resolution of cyber-security incidents in alignment with ITIL incident management framework and information security best practices and standards
Maintain cyber-security risk registrar and report on Key Risk Indicators (KRI) in alignment with key busyness strategic objectives
Instigate and coordinate cyber-security forensic investigations
Proactive monitoring and review of security logs
Other duties as required to support IT security and maintaining minimal acceptable risk posture

171

IT Security Analyst Resume Examples & Samples

Ability to develop partnership-oriented relationships with business
Executives and functional leaders, especially as it relates to operations and technology
Working knowledge of Mainframes (z/OS)
TSO/ISPF –Required
JCL –Required
JES2 –Preferred
RACF –Advanced knowledge of RACF - Required
UNIX (OMVS) –Preferred
SORT (Mainframe) –Required
MVS Utilities (IEBGENER, IRRDBU00, etc.) –Required
System Dumps –Preferred
Vanguard Security Product Suite (Offline/Cleanup, VAA, VCM, VPM, Advisor, Analyzer, Administration) –Preferred
Working knowledge of CICS, VTAM, FTP, PowerView –Preferred
RACF experience required
Sort experience preferred
REXX or CLIST preferred
SAS experience preferred
ICETOOL experience preferred

172

Senior IT Security Analyst Resume Examples & Samples

Perform application and system risk assessments and security audits of internal and external facilities against established standards
Contribute in establishing policies and procedures necessary to ensure the security of information system assets, and to protect them from intentional or inadvertent access, disclosure, or destruction
Assists project teams in the implementation of security measures to meet corporate security policies and external regulations, e.g., Sarbanes Oxley, HIPAA
Weigh business needs against security concerns and articulate issues and options to management
At least 5 years of IT experience with a Bachelor's Degree in computer related field or equivalent
At least 3 years of experience in Information Security
Customer service-oriented; Ability to work in a flexible environment where requirements and procedures continuously evolve
Certification in information security (CISSP, CISM, GIAC, or equivalent) preferred

173

IT Security Analyst Resume Examples & Samples

Administer and operate automated security/audit tools to identify potential and actual cybersecurity risks. Common tools include end-point protection software, web content filtering, SIEM/log monitoring, vulnerability scanning, etc
Coordinate user access certifications for network and application users, both privileged and non-privileged accounts
Provide Tier 1 security support to the end-user community and be an advocate for cybersecurity awareness and safe computing practices
Serve as a member of the Cybersecurity Incident Response Team
Assist with cybersecurity projects and completion of internal/vendor technical security risk assessments
Participate in local/regional and nation cybersecurity communities to keep abreast of industry trends
Bachelor’s degree in Computer Science, Management Information Systems, Cybersecurity, or equivalent combination of education and experience
3-5 years total IT experience with at least 1 year in technical IT security. Intermediate level knowledge of IT security concepts and technologies
Prior experience in the financial services sector preferred. Current security certifications (i.e., CISM/CISA, CISSP, etc.) or willingness to obtain is viewed favorably
Working knowledge of common IT security tools and applications
Above average analytic skills, attention to detail, and ability to work independently
Demonstrated ability to build positive partnerships and work collaboratively
Effective written and verbal communication skills and ability to interact with all levels of the organization

174

IT Security Analyst Resume Examples & Samples

Participating in internal and external threat intelligence and cybersecurity forums (IT-ISAC, Infragard, etc)
3 years of experience in Information Security
5 years of experience in the following

175

Senior IT Security Analyst Resume Examples & Samples

Participate in SOX control and control monitoring activities in support of Corporate Compliance
Lead the design and execution of vulnerability assessments, penetration tests and security audits
Serve as the IT Security subject matter expert (SME) in the planning, design, and implementation of enterprise security architecture for technical, operational, and administrative activities
Ensure security configuration compliance with SOX standards and perform periodic user access reviews for Information Technology General Computer Controls
Participate on Security Incident Response Team (SIRT) in the identification, containment, eradication, and resolution of security issues
Lead the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the IT Security Director
Lead project management activities for 3-5 year IT Security roadmap
Lead planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan, under the direction of the IT Security Director
Maintain detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the identification and resolution of vulnerabilities and threat vectors
Provide recommendations for additional security solutions or enhancements to existing controls, to improve overall enterprise security and “defense in depth” strategy
Perform the deployment, integration and initial configuration of all new security solutions as well as enhancements to existing security solutions in accordance with standards and best practices
Maintain baselines for the secure configuration and operations of global devices, whether they are under direct control (i.e., security tools) or indirect control (i.e., workstations, servers, network devices, etc.)
Maintain operational configurations of all IT security solutions as per any established baselines
Monitor all security solutions for efficient and appropriate operations
Review logs and reports of all devices, whether they are under direct control (i.e., security tools) or indirect control (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution

176

IT Security Analyst Resume Examples & Samples

Use forensic, incident response, and process expertise to respond to and investigate system, service, or network attacks and breaches
Work in one or more of the following domains including but not limited to Data Security, Digital Forensics, Incident Response and Analysis, IT Systems and Operations, Network Security, Systems and Applications Security or Vulnerability Management
Apply professional information security knowledge, skills, and abilities with supervision on projects and programs
Work with IT Security Engineers to plan and build proactive defenses, automation, and event detection into the University IT infrastructure
Work with local, State, and Federal law enforcement as well as with University staff on personnel and other investigations involving regulated private information
Maintain a professional expertise by attending outside seminars/courses and thorough review of published literature
Participate in team discussions to formulate new or enhance existing processes, policies, and standards
Review existing procedures and practices with operational staff across the University and implement University standards and industry best practices for security
Provide excellent quality of Customer Service on behalf of the IT Security Office
Set and manage customer expectations through partnership with Technology Services Service Center
Advocate for Technology Services clients in service planning and deployment across the organization
Resolve customer satisfaction issues
Understand the overall processes and procedures of the organization and make recommendations in the continual improvement of those processes and procedures, providing for management analysis and recommendations on continual improvement
Work non-traditional hours and respond to on-call requests in a 24 x 7 service environment
Represent the security office in collaborative initiatives
Draft procedural documentation
Generate analysis documents for technical security issues and present to both technical and mid to higher-level executive leadership audiences
Participate and manage internal and University meetings
Participate in team discussions to formulate new or enhance existing processes, policies, and standards. Drive discussions as needed to represent the incident response or forensic functions
Collaborate with peers to complete complex technical solutions with limited supervision
One or more years in an IT security role or IT support role with significant security responsibilities
Demonstrated expertise in one or more of the following domains Data Security, Digital Forensics, Incident Response and Analysis, IT Systems and Operations, Network Security, Systems and Applications Security or Vulnerability Management
Individuals will be required to submit to a background examination
Demonstrated ability in effective communication and collaborating in a high performance team environment
Demonstrated commitment to customer service
Experience functioning in diverse workgroups
Two or more years in an IT security role or IT support role with significant security responsibilities
Experience performing malware analyses
Experience performing vulnerability scans in a professional environment
Familiarity with security event triage
Familiarity with enterprise forensic tools

177

IT Security Analyst Resume Examples & Samples

Bachelor’s degree in computer science or information technology from an accredited University or minimum 6 years of experience in the Computer Industry in a hands-on technical position
Consulting experience is a plus
3+ years of experience in information security necessary

178

Senior IT Security Analyst Resume Examples & Samples

Minimum 7-9 years of security administration experience in an enterprise environment
Experience in defining, implementing, and enforcing security standards, policies and procedures
Knowledge of industry security frameworks such as NIST, SSAE16 SOC2, ISO27001
Experience in risk management, data classification, and corporate threat assessment
Experience in network security using technologies such as NGFW, DLP, NAC, IDS/IPS, MFA
Knowledge of system-level security in Windows, Unix, Wi-Fi, and mobile device environments
Experience interpreting vulnerability scans, security forensics, log analysis, and threat assessment
Proven understanding of common system security attack vectors such as DDOS, man in the middle, spoofing, TCP hijacking, DNS poisoning, buffer overflow, SYN flood, SQL injection, cross-site scripting, worms/trojans/bots, social engineering, etc…
Experience with network analysis and forensics tools such as NMap, WireShark, Nessus, EnCase
Experience with SIEM systems and analysis of security logs and event correlation
Knowledge of mobile device security and technologies such as EMM and MDM
Knowledge of cloud security technologies such as CASB
Solid understanding of Identity Access Management and Identity Governance principles and technologies
Highly active observer of industry security trends and threats – remains up to date on current security issues
Very flexible attitude with the ability to balance security vs the needs of the business
Excellent written and oral communications skills with demonstrated commitment to producing high quality documentation
Professional demeanor and strong work ethic and uncompromising integrity
Some combination of the following security certifications: CISSP, GIAC, CISA, CISM, CEH, CPT/CEPT, CWSP, ENCE, etc

179

IT Security Analyst Resume Examples & Samples

Work closely with other IT team members and end users to provide solutions based on business requirements during all phases of the development and life cycle management process
Complete risk assessment for new IT projects and initiatives
Perform periodic IT security reviews and analysis to ensure compliance with IT security policies
Configure monitoring alerts and reports. Perform data analysis to identify anomalies and risk mitigation actions
Advise and recommend on additional monitoring configurations
Perform server vulnerability life cycle management analysis for retained application patching
Work with business areas and IT staff to update and maintain IT disaster recovery plans (DRP), business impact analysis (BIA), and application recovery documents (ARD)
Ensures IT compliance for SOX and ITAR regulatory requirements, and plays a lead role in support of and successfully passing IT audits
Perform IT security incident response and remediation activities, to include working with Textron enterprise and other business unit IT security teams, as necessary
Develop and disseminate security awareness and education information to end users and system administrators
2+ years of IT technical and administrative security experience with a knowledge of information security principles
Experience with Windows desktop, server O/S, and Active Directory computer security configurations
Experience with Linux is required
Ability to work independently as well as collaboratively; possesses sound business judgment

180

IT Security Analyst Resume Examples & Samples

Monitor the health of all components of the SIEM solution to ensure the systems is operating at optimal performance at all times
Tunes SIEM alerts, processing rules, maintenance jobs, etc. to minimize false positives and noise while ensuring relevant security information is captures and highlighted
Creates and customizes SIEM reports for MSS and MSS customers
Ensures anti-virus solutions are operable and routinely updated
Independently works shifts in a 24x7 Security Operations Center
Experience working in a Security Operation Center
Experience working in a Managed Security Services environment
Experience administering SIEM solutions
Extensive knowledge of the Windows Security Log and Group Policy Audit Policy
Extensive knowledge of Firewall logging from various vendors
Extensive knowledge of logging various other security logs such as Intrusion Prevention Systems, Anti-Virus Software, IIS logs, etc
SIEM Production Certification preferred (LogRhythm, Security Analytics, QRadar, etc.)

181

IT Security Analyst Resume Examples & Samples

Perform testing and assist IT control/process owners to completion of SOX control testing
Ensure that controls are monitored and updated as appropriate
Work with Beacon team to plan and track annual MAR testing and resource allocations
QA all testing and results of tests performed by IT Compliance and IT control/process owners
Provide support to control owners and process owners in attestation and Diligent Inquiry
Escalate issues to IT Compliance management
Support the Internal Audit process from initial audit announcement through final report
Provide initial review and oversight on all audit reports for audit owners
Consult with Audit owners on how to respond to audit observations and findings
As appropriate, challenge and question scope and testing strategy leveraging knowledge of Guardian, sampling methodology, and best practices
Report on status of all open audit items
Provide support (if required) for the following processes
Application monitoring process
Entitlement Reviews

182

IT Security Analyst Resume Examples & Samples

Work with project managers and technology SMEs to identify current protection plans and identify areas of risk
Work with SMEs and plant operations to develop a holistic protection plan for technologies that includes protections during expansion
Drive protection plan synergy between cable manufacturing sites that also align with Division and Corporate guidance
Support IS Council at various plant locations
Work with Procurement to insure that IS initiatives are deployed with 3rd party vendors
Participate in Project meetings and provide expert opinions when identifying Information Security Risk during the project
Report out to OFC Cable Project Management Leadership and Division Information Security Manager
Work with division information security to deploy division driven strategy and initiatives throughout OFC’s cable locations
Lead and guide plant information security leads and councils in our various plant locations
Develop and maintain a comprehensive assessment of our information security vulnerability within our cable locations
Work with engineering and technology teams on new programs which require information security architecture to be developed to protect key trade secrets. (As identified in equipment, SOPs, drawings and area access which are all in scope)
Work with technology teams during equipment installations to review IS plans and insure that all key threats have been identified and mitigated
BS – Information Security, IT Information Systems, IT Engineering or equivalent
Demonstrated manufacturing, government or military experiences in developing and deploying Information Security policies and associated tactical plans to deliver targeted results

183

Senior IT Security Analyst Resume Examples & Samples

Be a motivated self-starter who enjoys working independently while part of a high energy team of technology professionals
Have a natural curiosity and problem solving skills that complement demonstrated experience in analyzing complex problems and developing innovative solutions
Thrive in a highly collaborative and fast-paced work environment where leveraging technology for continuous business improvement is the norm
Have experience and expertise in security technologies and tools to be a hands-on leader
Execute security projects and initiatives with a commitment to excellence and adherence to a rigorous project management discipline
Developing security policies and procedures based on recognized standards like HIPAA and NIST 800-53
Performing risk assessments and business impact analysis
Designing, developing and executing continuity of operation plans
Validating enterprise compliance with defined policies and standards
Interpreting complex technical concepts and articulating the information in strategic recommendations, policy statements, and solution designs
Performing detailed computer system analysis, including creating interim and final reports and delivering presentations of analysis and recommendations to senior and executive management
Executing projects and initiatives using project management principles and approaches
A Bachelor’s degree in Information Systems, Information Systems Auditing, Information Assurance, Security and Risk Analysis, Computer Science or a closely related field. Experience may substitute for education in some situations
At least six years of information security and information technology work experience
A technical certification such as CISSP, Certified Information Systems Auditor (CISA), GIAC Systems and Network Auditor (GSNA) or other recognized professional IT security certifications is preferred

184

Senior IT Security Analyst Resume Examples & Samples

Conduct forensic examinations of digital media on physical, virtual and distributed devices to identify root cause analysis,
Utilize in-house forensic tools as well as open-source tools to perform memory analysis, static analysis and reverse engineering on local and remote systems,
Identify malware artifacts and evidence locations to pinpoint application execution, file access, external device usage, and file download,
Perform network forensic investigations utilizing NetFlow analysis and collection,
Responsible for all relevant forensic investigations within established service levels,
Serve as the subject matter expert for Incident Response tabletops, as well as updates to program documents and procedures,
Prepare clear and comprehensive incident reports and identify opportunities for improvement,
Data mining of log sources to uncover and investigate anomalous activity, along with related items of interest, and
Cross train Security Operations personnel on Incident Response process and procedures
Must have a Bachelor’s Degree in Computer Science, Digital Forensics, or other analytical disciplines or equivalent experience,
Must have at least five years of combined experience in information security forensics,
Must have at least three years of combined experience working with one or more of the following regulatory requirements: PCI Data Security Standards (PA-DSS, DSS), ANSI/X9 TR-39, SOX, HIPAA, and/or ISO 27001,
Must have expert level proficiency with major tools to perform disk, memory, network forensic, and advanced techniques,
Must have understanding of TCP/IP communications & knowledge of how common protocols and applications work at the network level,
Must have knowledge of how the Windows file system and registry function and UNIX operating systems and command line tools,
Must have a strong understanding of information security technologies,
Must have strong interpersonal and leadership skills including experience in organizing, planning, and overseeing the work of large teams,
Should have at least seven years of experience in information security forensics,
Should have successful completion of one or more of the following certifications: CCE, GCFE, GCFA, GREM, EnCE, CFE,
Should have continued education including additional or advanced degrees in analytical, technical discipline,
Should have a strong understanding of Windows, Linux/Unix, and/or zOS computing technologies and architectures – including secure ,configuration of these operating systems, and/or
Should have a strong understanding of networking infrastructure components and protocols including wireless, firewalls, and/or network-based intrusion detection/prevention

185

Senior IT Security Analyst Resume Examples & Samples

Perform IT risk assessments to determine the acceptable level of risk and resulting security requirements for information systems,
Perform IT assessments and testing to evaluate compliance with various regulatory and/or industry requirements,
Design IT testing procedures to identify and evaluate risk exposures and determine the effectiveness and efficiency of controls,
Prepare written communications, including assessment reports and working papers to document the scope, procedures performed, findings, and exceptions,
Assist process owners with developing effective remediation plans to address control exceptions identified during assessments,
Perform follow-up procedures to determine adequacy of corrective actions taken,
Serve as a point of contact and liaison with internal and external auditors, assessors, and examiners,
Lead the development and implementation of security policies, standards, processes, procedures, controls, and guidelines for multiple platforms and diverse system environments
Must have a Bachelor’s Degree in Management Information Systems, Computer Science, Information Security, or other analytical disciplines or equivalent experience,
Must have at least five years of combined experience in one or more of the following areas: information security audits, information security, risk management, security and controls assessments, and/or IT audit,
Must have at least three years of combined experience working with one or more of the following regulatory requirements: HIPAA, FFIEC, and/or SOX,
Must have at least two years of experience assessing the design and implementation of IT Process and IT Controls,
Must have experience performing risk analysis of projects and systems that cannot meet security standards and/or security control objectives,
Successful completion of one or more of the following certifications: CISA, CISM, CTGA, CRISC, and/or CISSP,
Should have at least seven years of combined experience in one or more of the following areas: information security audits, information security, risk management, security and controls assessments, and/or IT audit,
Should have a strong understanding of Windows, Linux/Unix, and/or zOS computing technologies and architectures – including secure configuration of these operating systems and,
Should have a strong understanding of networking infrastructure components and protocols – including wireless, firewalls, and/or network-based intrusion detection/prevention

186

IT Security Analyst Resume Examples & Samples

Manage, monitor, and report status on open remediation items to I/S management,
Conduct meetings with process owners to obtain remediation status,
Anticipate and report business challenges with delivering remediation on time,
Communicate expectations for remediation and assist process owners with developing effective remediation plans to address identified exceptions,
Monitor and report status on recurring tasks/reviews required by regulatory and/or industry requirements,
Assist with identifying improvement opportunities for internal processes managed by the Security & Compliance Team,
Assist with performing assessments and testing to evaluate compliance with various regulatory requirements including SOX, HIPAA, PCI, OCC, FFIEC and/or Data Privacy & Protection,
Assist with the development, updates, and implementation of security policies, standards, processes, procedures, controls, and guidelines for multiple platforms and diverse system environments
Must have strong interpersonal and leadership skills including experience in organizing, planning, and reporting on cross functional efforts,
Must have at least two years of combined experience in one or more of the following areas: information security audits, information security, risk management, security and controls assessments, and/or IT audit,
Must have at least two years of combined experience working with one or more of the following regulatory or industry requirements: PCI Data Security Standards (PA-DSS, DSS), ANSI/X9 TR-39, SOX, HIPAA, FFIEC, and/or NIST,
Must have a good understanding of information security technologies,
Must be comfortable working with diverse team members,
Must have strong analytical, problem-solving and conceptual skills,
Must have a high degree of confidentiality, maturity, self-motivation, commitment, and integrity, and
Should have project management experience,
Should have successful completion of one or more of the following certifications: CISA, CISM, CTGA, CRISC, CISSP, and/or PMP,
Should have continued education including additional or advanced degrees in analytical, technical, or business discipline,
Should have at least five years of combined experience in one or more of the following areas: information security audits, information security, risk management, security and controls assessments, and/or IT audit,

187

IT Security Analyst Resume Examples & Samples

Provide operational and project support for security tools including but not limited to: Security Information Event Monitoring (SIEM), Intrusion Detection Systems (IDS), Database Activity Monitoring (DAM), Data Loss Prevention (DLP), Privileged Access Management (PAM), Identity Management (IDM), Hardware Security Module (HSM), Transparent Database Encryption (TDE), Enterprise Key and Certificate Management (EKCM), Database Encryption, File Encryption, and/or API Encryption
Serve as the subject matter expert (SME) in relation to installation, configuration, and troubleshooting of security tools
Provide rotating on-call support for security tools to include nights and weekends
Review firewall rules and access control lists
One or more of the following certifications is highly preferred: CISSP, CISM, CEH, GSEC, MCSE, RHCE, CCNP, and/or CASP
Experience supporting one or more of the following types of security applications or tools: Security Information Event Monitoring (SIEM), Intrusion Detection Systems (IDS), Database Activity Monitoring (DAM), Data Loss Prevention (DLP), Privileged Access Management (PAM), Identity Management (IDM), Hardware Security Module (HSM), Transparent Database Encryption (TDE), Enterprise Key and Certificate Management (EKCM), Database Encryption, File Encryption, and/or API Encryption
Experience working with QRadar, Guardium, Websense, Splunk, SafeNet, Venafi, Protegrity, SailPoint, Secret Server, or an industry equivalents is a plus
Understanding of networking concepts and technologies
Experience writing scripts to automate tasks using common scripting languages (PowerShell, Bash, Python, Perl, etc.)
Basic knowledge of XML, JSON, and/or Regular Expressions
Basic knowledge of databases and SQL queries

188

IT Security Analyst Resume Examples & Samples

Security Essentials – SEC401 (optional GSEC certification)
Intrusion Detection In Depth – SEC503 (optional GCIA certification)
Hacker Guard: Security Baseline Training – SEC464
Advanced Security Essentials – SEC501 (optional GCED certification)
Hacker Techniques, Exploits & Incident Handling – SEC504 (optional GCIH certification)
Technical Coordination experience

189

IT Security Analyst Resume Examples & Samples

Performs periodic quality assurance on security operations vulnerability management and problem resolution tasks
Works with business units and with other risk functions to identify security requirements, using methods that may include risk and business impact assessments. Components of this activity include but are not limited to communication, facilitation and consensus building
Assists in the coordination and completion of security operations documentation
Works with security leadership to develop strategies and plans to enforce security requirements and address identified risks
Reports to management concerning residual risk, vulnerabilities and other security exposures, including misuse of assets and noncompliance
Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle
Works with IT department and members of the security team to identify, select and implement technical controls
Develops security processes and procedures, and supports service-level agreements (SLAs) to ensure that security controls are managed and maintained
Advises security administrators on normal and exception-based processing of security authorization requests
Develop a comprehensive vulnerability assessment program that is operationally manages on shore and off shore in support of Information Security. This includes penetration testing, reporting analytics, trending and analysis. Tools also include managing Red Seal, standing up the network inside the tool and utilizing Red Seal to its full potential. Work with Security, Compliance, IT units and system integrators to ensure a robust, scalable solution
Minimum of three (3) years' IT or network/server experience
Security+ certification preferred
Ability to interact with personnel at all levels and across all business units and organizations, and to comprehend business imperatives
A good customer/client focus, with the ability to manage expectations appropriately, to provide a superior customer/client experience and build long-term relationships
Superior analytical skills to analyze security requirements and relate them to appropriate security controls

190

Senior IT Security Analyst Resume Examples & Samples

Perform security event monitoring & analysis related to security violations, potential vulnerabilities and alerts from detection systems and apply appropriate incident response procedures.Document and implement standard operating procedures
Oversee the third-party security assessment program to ensure software and service providers meet company security standards. Coordinate assessments with third-parties, evaluate reports and lead remediation efforts.Draft security assessment reports when appropriate
Assist in managing security technologies such as firewalls, IDS/IPS, antivirus, endpoint protection, WAF, wireless security and network access control
Enhance software security related to in-house and third-party developed applications by working with software development teams to proactively assess risk, remediate security vulnerabilities and provide policy guidance
Provide input and visibility into emerging application security technologies, deployment strategies and other security protocols to ensure awareness within the software organization
Minimum of 5 years-experience with common network security a must (intrusion detection, firewall technologies, anti-virus)
Minimum 2 years-experience writing technical process documentation and standard operating procedures
Experience in a security operations environment and a proven ability to evaluate security alerts to determine appropriate incident response actions
Familiarity with common network, system and web application attack vectors and related mitigation strategies
Ability to work independently as a key contributor to the IT security team and lead cross-functional teams
Effective communication skills and the ability to independently manage small projects
Experience with advanced malware technologies and cloud application security considered a plus
CISSP, GCIH, GSEC, CRISC, or other security certifications considered a plus

191

IT Security Analyst Resume Examples & Samples

Serves as technical lead responsible for the design, delivery and integration of network security infrastructure and services, such firewalls, IDS/IPS, VPN, SIEM, load balancers, application gateways, proxies, etc
Develops software, scripts and tools that integrate network security systems, automate security operations and incident response, provide customer portals to security services, and generate security metrics/reports through various APIs
Monitors and responds to the most complex network security events and issues, analyzes network traffic, identifies suspicious behavior, and addresses threats to the enterprise network security infrastructure
Drives deployment and integration of security services across the campus, serves as expert resource on network-security, scripting and automation, and contributes to campus security knowledge through technical documentation and training
Leads technical system assessment activities to identify potential threats/vulnerabilities to network assets. Serves as an expert resource on regulations/frameworks such as ISO27k, HIPAA, FERPA, PCI, etc. and ensures compliance of security infrastructure
Employee must be available to work evenings, weekends, and holidays
Employee must be available to travel as required
Must be able to work on a rotating on-call basis
A Bachelor's Degree in Computer Science, Information Security or a closely-related field AND six (6) years of related experience in information security in an enterprise environment OR ten (10) years of recent relevant experience
Proven experience deploying, automating and integrating network security infrastructure (firewalls, VPN, IDS/IPS, SIEM, application gateways/proxies), with expert knowledge of networking technology TCP/IP, DNS, DHCP, NAT, routing protocols, netflow, Radius/TACACS, and packet capture/analysis
Expert in developing scripts and tools using a modern scripting language (such as Python, Perl, or Ruby). Familiarity with MySQL databases and interfacing with REST/SOAP APIs. Ability to develop simple web applications with integration to SSO (SAML/Shibboleth)
Demonstrated expert in Linux security and system administration, shell scripting, iptables, authentication, vi, grep, awk, sed, regex, makefiles, and revision control system
Proven ability to effectively prioritize tasks, manage time, organize activities, deliver overall high productivity, and to assume responsibility for the successful completion of technical projects
Ability to work well with others and collaborate with network engineering staff, to provide work direction and instruction to subordinate team members, to facilitate communication and coordinate activities among team members

192

IT Security Analyst Resume Examples & Samples

High School Diploma. Bachelor's degree is a plus
1-3 years of Information Technology experience preferably in network technologies
General troubleshooting and understanding of LAN, WAN technologies (Firewalls, TCP/IP, load balancers)
General troubleshooting of Anti-Virus tools (McAfee ePO, Symantec SEPM, FireEye, Microsoft Endpoint Protection)
General use of a log aggregation system with querying, dashboarding and alerting (Splunk, ArcSight, etc)
General troubleshooting of Intrusion Detection (IDS) alerts
General troubleshooting of alert messages from Splunk or Zenoss monitoring systems
Create, modify and close service requests, incident and problem tickets using BVS and ServiceNow systems
General Knowledge of event management and packet capture tools (WireShark, Netwitness, etc)
General Knowledge of using and creating knowledge base entries based on new found data
Certification preferred- CCNA (CCENT & CCT), Network+, Security+, CISSP, CISSM
Experience working in a 24x7 Operations Center is preferred

193

IT Security Analyst Resume Examples & Samples

Three (3) or more years of relevant experience
Bachelor's degree in health care information technology, computer science, or related area, and / or equivalent combination of experience / training
Experience using IT security systems and tools
Knowledge of data encryption techniques
Experience analyzing logs for security breaches
Information Security certification such as CISSP, CISA, CISM, CCSFP, etc

194

IT Security Analyst Resume Examples & Samples

Assist in accreditation of developer software and systems, and program of record systems
Perform testing and analysis of IA controls and secure configuration using Assured Compliance Assessment Solution (ACAS) , DIS STIG, STIG viewer and SCAP compliance Checker (SCC)
Prepare for cyber security inspections (CSI) and other network inspections
Assist in monitoring production and integration efforts thought report assessments, program milestones and independent verification and validation (IV&V) compliance with computer security accreditation plan (CSAP) and other progress measures
Perform analysis of test data, reports and inspections , including quick look reports, final test reports and lessons learned reports
Demonstrated experience with the planning, development, coordination, execution and improvement of compliance related processes. This includes in depth knowledge of DoD 8500 series, NIST SP 800 series, DoD regulations and instructions to include: 8570-01, DoDI 8530.01, CJCSI 6510.01, Risk Management Framework (RMF), technical TTPs (specifically ACAS, SCAP compliance Checker (SCC), STIGS/STIG viewer) and other security monitoring tools
Demonstrated experience with multiple technology areas and determining applicability, analyzing compliance requirements as defined within Cyber Security Task Orders from higher headquarters to ensure organizational requirements are implemented and verified
Demonstrated experience with knowledge management practices, implementation of automated solutions for tracking information, along with the development and review of Plans of Actions and Milestones and the development of metrics
7-10 years overall experience supporting IT related industry/business environment
5 or more years supporting DoD customers or equivalent similar large, complex government agency
Experience in SPAWAR ashore and/or afloat C4I systems development environment
Experience in military C4I, communications, and networking systems
Experience with practices and guidelines of Department of Defense Instruction 5000.01 and 5000.02
Experience in information technology, information systems, and/or communication systems development, integration and operation
Red Hat Enterprise Linux (RHEL)
Suse Linux Enterprise Server (SLES)
Windows Server 2008
Analytical Thinking
RedHat

195

IT Security Analyst Resume Examples & Samples

Support the development of assessment & authorization deliverables including but not limited to risk assessment, FIPS 199, system security plan, IT contingency plan, incident response plan, and others
Conduct security control assessment of systems and prepare security assessment report
Provide expertise as it relates to FISMA, OMB/DHS requirements, NIST Special Publications and Standards, and other federal guidance
Support the tracking, reporting, and remediation of agency Plan of Action & Milestones (POA&Ms)
Support the development, monitoring and update of agency information security policies and procedures
Assist in conducting NCUA’s IV&V (quarterly and ad hoc) tests to evaluate the effectiveness of policies, procedures, and practices
Monitor and report on updates to applicable authoritative guidance on a continuous basis
Support in the identification and assessment of Federal Agency Primary Mission Essential Functions, Mission Essential Functions, Essential Supporting Activities, and other identified critical systems
BA/BS degree from an accredited college/university in Accounting, Business Administration or Accounting Information Systems degree
Security+, CAP, CISSP, FITSP certification preferred
One year of work experience supporting an IT department, preferably in a federal agency in an advisory capacity or conducting IS audits (FISMA, assessments, etc.)
Two or more years of direct experience in developing Assessment & Authorization deliverables in supporting system owners
One or more years of direct experience in preparing and conducting security control assessments using NIST 800-53A
Possess working knowledge of federal IS requirements and standards including NIST 800-37 and NIST 800-60
Ability to work in a highly collaborative environment with peers and senior government officials
Maintain strong technical writing and communication skills required
Ability to obtain a Secret Clearance (US citizenship is required)

196

Senior IT Security Analyst Resume Examples & Samples

Develop, document, and execute procedures for protection, detection, and response against internal and external threats and execute remediation plans and incident response plans as needed
Create, fine tune, and compile regular metrics
Increase the breadth and depth of monitored sources and maintain a framework to constantly assess the firm’s Cyber and Information Security
Expand the 24/7 monitoring (Secureworks) and lead the project to implement and maintain SIEM Q-Radar
Keep track of potential security incidents and work with various compliance areas to report the relevant events to external regulators (e.g. FinCen)
Share information and help create a corporate view of cyber and information security status & awareness
Ensure that all employees have complied with security awareness training requirements
Maintain the vendor relationship with Secureworks
Participate actively in logical access control functions such as periodic access reviews
Support the security aspects of vendor risk reviews
Schedule and coordinate incident response exercises
Schedule and coordinate social engineering and phishing test exercises against employees
Manage vulnerability scans, evaluate remediation efforts, and report on results
Own and manage the compliance efforts in a multi year DFS (NY Department of Financial Services) compliance project
BA/BS in Information Security or at least 3 to 4 years of directly related experience
Experience with logging software, and/or other SIEM type tools
Experience with vulnerability and penetration assessment tools
Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
Excellent teamwork skills, ability to collaborate with other team members
Breadth of knowledge in the information security space with emphasis on network security, operating system security, common attack patterns, and exploitation techniques

197

IT Security Analyst Resume Examples & Samples

Experience guiding a system through full ATO (Authority to Operate) lifecycle
Experience writing security plans and contingency plans and all ATO artifacts
Experience analyzing security scan reports
Experience creating, managing, and completing Plans of Action & Milestones (POA&Ms)
Experience analyzing system audit logs
Ensure configuration management is appropriate for all Information Systems (IS) software and hardware, including that change control requirements are documented and tracked
Ensure security logs and audit trails are reviewed in accordance with established schedules
Conduct periodic reviews of Privileged user accounts (Developer, Admin, etc.)
Must have experience with analyzing security scan reports
Must demonstrate a complete understanding of Information Security Administration principles, concepts, practices, and standards as well as a complete understanding of network devices, TCP/IP and related Internet protocols
ISC2 Certified Information Systems Security Professional (CISSP) or CISSP-ISSMP, ISSAP or ISSEP
Certification and Accreditation Professional (CAP)
C&A experience with classified networks is highly desired

198

IT Security Analyst Resume Examples & Samples

Enforce incident response service level agreements
Work with the global IT Security team to analyze, test and recommend tools to strengthen the security posture of the company
Create and maintain operational reports allowing IT management team to understand the current and historical landscape of the IT security risks
Participate in daily and ad-hoc meetings related to cyber security, controls and compliance, processes and documentation related tasks

199

IT Security Analyst Resume Examples & Samples

3 years+ in a similar IT Security role
Internal/External stakeholder management
Understanding of Governance and Security Controls e.g. ITIL/COBIT
Good understanding of network security architecture, protocols and principles
Security Firewalls reviews/remediation of issues identified and compliance using Skybox
Internal/External Vulnerability Scanning Management using Nessus
Extensive IDS/IPS management/investigation
SIEM Tool / system integration
IT Security Audit actions / management
An industry recognised accreditation such as CISSP/CISA/CISM/PCI
Experience of working in environments where compliance is working towards or meets ISO27001:2005:2013 standards
Good understanding of IT Security Best practice and Industry standards

200

IT Security Analyst Resume Examples & Samples

Technology Security Threat Assessment and Monitoring - The Security Analyst will use various tools to assess the security status of the University's end points, data center, network, firewalls and other security components to ensure they are secure and meet the University management's service and operational level objectives. The SA will also establish baselines for security performance and monitor all security systems against those baselines. Based on these tools, the SA will make strategic, tactical and operation recommendations to reduce the risk to SHU assets
Technology Security and Compliance Posture Reporting - The Security Analyst will report to SHU IT Management on the status of SHU's security and compliance posture. This will include maintaining the IT Risk Registry, various security dashboards and providing reports on vulnerability analysis, attempted incident reports, security metrics, etc. Additionally, the SA will review SHU's level of compliance with FERPA, PCI and other regulatory policies as necessary
Technology Security, Risk and Compliance Policy and Procedure Documentation - The Security Analyst will create new policies or modify and amend existing policies as directed by SHU IT management or as required by regulatory compliance such as PCI. The SA will also create or modify procedures for security operations, compliance enforcement and continual security improvement within the IT Service Management (ITSM) governance framework. The SA will monitor SHU's compliance with policies and procedures to reduce and mitigate risk to SHU assets and reputation
Technology Security and Risk Awareness - Working with the Director of ITSM, Compliance and Governance, along with the Web Development Team and Director of Digital Media, the Security Analyst will assist in developing, maintaining and conducting an ongoing security awareness program. This may include print, electronic and video messages to the Seton Hall community regarding cyber security, institutional technical security and personal identity security. The awareness campaigns will be a regular ongoing program as well for specific calendar events such as Cyber Security Month and when there is a specific incident or threat to the SHU environment
Technology Incident Response - The Security Analyst is focal point of the incident response team that will be respond to a security incident. The team will follow the documented procedures from IT Security Incident Response Plan, the PCI DSS Incident Response plan or other appropriate procedures, such Spam or Virus. The SA will be the key point of contact during an incident and will be responsible for communication with IT and SHU management, Public Safety, third party vendors, insurance agencies and regulatory agencies. Upon resolution of any incident, the SA will document the incident, remediation and lessons learned and the update appropriate policies and procedures. The SA is also responsible for performing a forensics analysis following a security incident
Third Party Compliance and Security Review - The Security Analyst will review documentation such as SSAE 16 or SOC II Reports, along with vendor contracts to ensure that the vendors use best practice and acceptable security measures. The SA will review these prior to contract signing and then periodically based on either compliance requirements or date of expiration. The SA will also provide a report on the analysis of each including a risk analysis of each vendor and vendor's architecture
3 to 5 years IT security experience
Knowledge of FERPA, PCI-DSS
Experience with SEIM (log management); vulnerability scanning, data loss prevention and end point protection

201

IT Security Analyst Resume Examples & Samples

Monitor network for security threats and unauthorized activity
Analyze, troubleshoot and correct network problems remotely and on-site
Implement and manage security protocol for the America’s Juniper network switches and Cisco ASA firewalls
Respond to security incidents to include the collection, preservation and analysis of forensic evidence
Resolve second level help desk tickets and share in off-hours support rotations during the month
Coordinate all level 2 network and security changes with appropriate team members to ensure uninterrupted service
Maintain operational security posture through incident management and responsiveness; oversee/execute internal vulnerability scans
Document mitigation plans, including policy and procedure updates
Participate in audits and assessments, and provide support as appropriate
Analyze established operational security controls and procedures; recommend improvements
Evaluate appropriate tools for supporting the security operations function
Communicate technical security standards throughout the organization
Assist in improving and documenting standards and practices
Methodically resolve computer hardware, software and network problems
Follow established procedures for tracking and reporting computer hardware and software issues
Work with your fellow team members to ensure the delivery of a high level of support to our customers
Proficient with common and/or advanced attack vectors and threat landscapes such as botnets, watering holes, spear phishing, DDoS, advanced malware, etc
Proficient with common security device functions, such as IDS/IPS, Network and Host-based firewalls, DLP (Data Leakage Protection), Advanced Threat, etc
Strong knowledge of networking protocols including port mapping, NAT, ACL, routing, switching, IPSEC VPN tunnels, etc
Cisco ASA
Juniper JunOS
TCP/IP Security protocol
Microsoft Windows Server 2008R2 and higher
Microsoft SQL Server 2014 and higher
Print Servers
Terminal Servers (Thin Clients)
Active Directory Administration
Group Policy Administration, Windows Scripting

202

IT Security Analyst Resume Examples & Samples

Participate in projects to improve system and network security controls
Create security guidelines and procedures
Assist with network alert monitoring and log review
Support penetration test engagements
Lead security awareness efforts
Experience using the NetSuite application
Experience working with a global security team
Work experience at a cloud service provider. Intimate knowledge of the complexities of securing a cloud environment
Experience with key security controls including network access, whitelisting, disk encryption, OS hardening, secure data destruction, file integrity monitoring, vulnerability scanning, and privileged access management
Experience with intrusion detection/prevention systems, firewalls, data loss prevention
Unix and network routing training
ISO 27001 subject matter expert
Excellent critical thinking, analytical skills, and problem solving skills
Ability to facilitate meeting deadlines on a self–driven basis
Ability to see security from both the technical and business risk perspectives
3+ years in Information Security
5+ years working within Information Technology
Bachelors Degree in Computer Engineering, Computer Science, Information Technology, MIS, or equivalent experience
Recognized industry certification and/or continuing education programs are a major plus including GCIH, CEH, GCFE or SSCP

203

IT Security Analyst Resume Examples & Samples

Provide project management and support for the overall Privacy
Program against GDPR
Track and manage status for Cloud for Industry services against security and privacy requirements
Collaborate with the GBU LoBs and P&S Legal leadersto ensure consistency in approach and delivery
Develop required documentation and training for Global Business Units
Support management of the sub processor management in alignment with privacy and
Define tools and system requirements to support the privacy program
Provide management reporting against the compliance with the privacy program
Document evolving processes and procedures for privacy and specifically GDPR
Create a response repository and knowledge base to support customer and employee inquiries
Supports contract reviews process for items related to security and privacy compliance
Formalize the privacy impact analysis process for the Global Business Units in coordination with the GBU SMEs
Coordinate audit testing, documentation, self-assessment testing and remediation activities
Be willing to take on other ad hoc security, privacy and compliance projects
At least 5 years of information security and privacy program management
Experience managing Cloud services programs and initiative
Experience documenting technical, security and privacy controls in a service environment
Strong knowledge of privacy and security in a large cloud environment
Continuous desire to learn and remain current on changing privacy and securiyt landscape
Hold or be willing to obtain CIPP and CIPM certification

204

IT Security Analyst Resume Examples & Samples

5 years’ experience in IT with at least 2 years in IT security
Have a good understanding of relevant IT risk management policies, procedures and standards
Provide ongoing support for security hardware/software, appliances and vendor coordination; perform periodic reviews of infrastructure to ensure compliance with standards with the premise of identifying and resolving problems before an issue occurs
Create and maintain documentation of guidelines and standards for specific technologies; assist in monitoring performance levels and trends throughout the firm to determine quality of service for the entire infrastructure
Provide 1st and 2nd level incident support; diagnostics and corrective actions; implementation and 3rd party engagement and coordination; vulnerability management; physical break fix; and “on-call coverage
Provide post mortems for incidents; provide timely incident reporting to IT and business; track, update and close action items; provide statistical data pertaining to short term incidents and chronic network problems
Implement scheduled changes on time, within a scheduled window and without causing an incident
Work and close MASC items that don’t require additional support
Work vulnerability and configuration management process and outcomes
Manage and document patch process and execution

205

IT Security Analyst Resume Examples & Samples

Designs and implements system requirements for customers and analyzes existing systems
Installs and maintains mainframe, midrange, or NT operating systems and related software to ensure stable performance
Evaluates system specifications, input/output processes, and working parameters for hardware/software compatibility
Develops, tests, installs, and modifies computer software for operating systems, compilers, utilities, multiprogramming, and telecommunications systems
Develops and installs programs for large-scale or high volume transactions requiring IBM/MVS or similar mainframe processing
Develops and installs programs to support general business applications
Develops programs on midrange computers such as the IBM AS/400 or UNIX based mini/midrange computers
Evaluates and installs database management systems
Plans computerized databases, including base definition, structure, documentation, long-range requirements, operational guidelines and protection

206

IT Security Analyst Resume Examples & Samples

Perform monitoring of security related systems and logs on a daily basis to analyze potential threats and confirm the operation of security systems
Perform recurring audits of security procedures to ensure other IT functions in USPI are completing security and internal control procedures as required
Assist with incident response and reporting
Evaluate and recommend tools and products to assist with the IT Security function across the Enterprise
Evaluate vendor security for new vendors selling IT products and services to USPI and its affiliates
Evaluate, compile and report on risk assessments and other security assessments performed at facilities and the home office, as well as at other divisions of USPI
Understand the threats against the company – who they are, how they operate, what motivates them – and how to allocate the right level of resources to counter them
Experience with applicable regulatory and standards frameworks (e.g., SOX, GLBA, SSAE16, PCI, ISO2700x, etc.)
Knowledge of the HIPAA security rule, including the required and addressable security standards, the HITECH Act, and national and international security standards and best practices, such as the National Institute of Standards and Technology (NIST) technical, physical, administrative, and management standards and guidelines
Demonstrated ability to work independently and as part of a team
Demonstrated ability to communicate effectively, both verbally and in writing, in a clear and concise manner, to a variety of audiences
Strong commitment to customer service. Demonstrated ability to work with customers and key partners. Inherent ability to project a positive image with both customers and colleagues
Strong problem solving, project management and presentation skills
Demonstrated ability to handle stressful situations and time constraints when necessary
5 years of information security experience
Healthcare industry experience preferred
Working knowledge of and experience in the public health or healthcare sector
Information security management qualifications such as one of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), or Certified in Risk and Information Systems Control (CRISC)
Experience conducting and/or coordinating technical security scanning, penetration testing including social engineering testing, application security testing, mobile device security analysis, and similar monitoring and validation techniques

207

IT Security Analyst Resume Examples & Samples

Follows instructions and performs other duties as may be assigned by supervisor
Assists other employees in accomplishment of Huntsman company goals
Participates in Environmental, Health, & Safety initiatives as set forth by the company
Hands-on experience in installing, configuring and using Vulnerability Scanning Tools - Nessus. Able to filter false positives and interpret relevant data. Able to generate Points of action from the report
Hands-on Experience with Forensics Investigation Tools - Encase, FTK, etc
Hands-on Experience in using and interpreting SPLUNK (SIEM). Able to configure reports and conduct/initiate investigations and perform troubleshoot
Experience with configuring policies and troubleshooting user errors with web Proxy - Websense
Able to isolate and investigate suspected or Real Virus infections
Operational knowledge of Firewalls (Cisco ASA), IPS, Anti Virus
Able to Interpret and perform Audit On Firewall configurations

208

IT Security Analyst Resume Examples & Samples

2 to 3 years of experience in network / product penetration testing
Having Bachelor’s degree in any discipline
Good understanding of security development life cycle processes
Automated White box Fuzz testing using SPIKE, PEACH and/or Other COTS Tools
Run & Analyze the penetration test (Manual & Automated) and pinpoint the security issues and suggest countermeasures for security improvements
Intimate knowledge and hands-on experience using various penetration testing tools like Nessus, Web Inspect, Nmap (Slow Scans, Service detection, OS detection, namp Scripts), BurpSuite, Nikto, ZAP

209

IT Security Analyst Resume Examples & Samples

Serve as the technical resource for vulnerability management across numerous technology platforms
Responsible for the implementing, managing, and maintain the vulnerability management lifecycle
Responsible for analysis, evaluation, and support of vulnerability management related systems, resources, and applications
Perform vulnerability remediation's
Perform hardening procedures
Facilitate vulnerability remediation efforts with remote technical staff
Provide reporting of vulnerability assessment compliance
Candidate should have a thorough understanding of today’s technology platforms and the various vulnerabilities and risks associated
Patch management experience recommended
Vulnerability management and remediation experience recommended
Familiarity with multi-tenant virtual environments recommended
Familiarity with Vulnerability scanning tools
Proficient in managing and maintaining all currently supported Windows Operating systems
Proficient in managing and maintaining Cisco infrastructure equipment
Understanding of HP server patching, including iLO devices
Understanding of Dell server patching, including DRAC devices
Familiarity with "hardening" all forms of Information Technology systems such as routers, switches, virtual hosts, servers, workstations, storage, UPS devices, Printers, DVR systems, etc
Must demonstrate a detail oriented work ethic
Knowledge of how to interpret log files
Experience establishing and maintaining effective working relationships with employees and clients
Ability to own and monitor tasks delegated to other parties and ensure completion
A strong desire to produce quality work, adopt standards and adhere to those standards
Must be able to think out of the box. The ability to troubleshoot non-standard issues/undocumented issues, to look at the big picture and see how a problem fits in and determine a solution that fits within the existing framework
An inner desire to improve every day

210

IT Security Analyst Resume Examples & Samples

Ensure the integrity and protection of networks, systems and applications by technical enforcement of organizational security policies
Implementation security measures to protect computer systems, networks and data
Monitor and analyze intrusion detection systems to identify security issues
Recognize potential, successful and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
Perform computer security incident response activities
Assist with implementation of counter-measures or mitigating controls
Manage third-party security firms to perform periodic audits and vulnerability assessments
Improve security position by educating employee base and strengthening exist controls
Maintain knowledge of current security technologies
Bachelor’s degree in Computer Science or related technical discipline, or the equivalent combination of education, professional training or work experience
5 years of related experience in data security administration, network administration and/or server administration
Proficient knowledge of Windows Server, IIS, Hyper-V, Microsoft SQL Server and Windows domain management
Experience in switch, router and firewall configuration

211

IT Security Analyst Resume Examples & Samples

Review & update QBE security processes & procedures and update documentation as required
Ensure alignment of security functions and maintain security processes and procedures and associated documentation
Communicate security, risk and issue policies across the business
Interact with stakeholders across the business to review recorded risks and issues and track mitigation actions
Enhance IT system security through the review of security leading practice
Review planned system changes for IT risk and information security impact and recommend mitigating actions and relevant testing requirements
Assist with audit activity where required including maintenance of documentation of audit artifacts
Monitor security bulletins and advisories for technologies deployed by QBE and implement initiatives to manage issues as they arise
Relevant tertiary qualifications
3 years + technical knowledge and experience in an Information Security role
Exposure to security controls and information protection services, within a cloud environment
Demonstrated experience in devising IT policies, standards, guidelines and procedures
Fundamental technical knowledge in the field of information security and security risks
Ideally an understanding of risk frameworks
Problem solving and analysis skills
Communication and organisation skills
Strong stakeholder management experience and ability

212

IT Security Analyst Resume Examples & Samples

Facilitate Security Control Assessment (SCA) and Continuous Monitoring Activities (Plans of Action and Milestones (POA&M), Corrective Action Plans (CAP) with State of Michigan Applications
Ensure State of Michigan and Agency policies are adhered to and that required controls are implemented
Execute SCA (DTMB-170) documentation, including but not limited to POA&M and CAP
Author recommendations associated with your findings on how to improve the customer's security posture in accordance with SOM PSP & NIST controls
Ability to assist team members and Vendors with proper artifact collection and detail to clients examples of artifacts that will satisfy assessment requirements
Preferred that the candidate has a CISSP, CISA, PMP and/or Security+ certification, but it is not required
Collaborate on multiple projects at a given time and experience with Vendors is a plus

213

IT Security Analyst Resume Examples & Samples

Certified internal auditor would be a big advantage
Previous experience as IT help desk
To understand the architecture of an Information System

214

IT Security Analyst Resume Examples & Samples

Analyzes a variety of network and host-based security logs (Firewalls, NIDS, HIDS, Syslog, etc.)
Monitors and analyzes network traffic and IDS/IPS alerts, investigating intrusion attempts and performing in-depth analysis of exploits and attacks
Performs security Incident Event Management (SIEM) console monitoring and correlation
Provides skilled technical assistance in Information Security strategy and planning
Presents security research analysis and recommendations to the Information Security management team
Resolves Hotline issues (issue resolution, security incident reporting) and Abuse issues (email, phishing attacks, social engineering calls)
Continuously monitors regulatory compliance through implemented Information Security technologies
Administers, monitors and troubleshoots antivirus activities, and email gateway issues. Configures and tests new IDS/IPS rules based on in-depth security analysis
Performs network and host DLP monitoring and logging
Performs application whitelisting and file integrity monitoring
Maintains and increases professional and technical knowledge by attending workshops, reviewing professional publications, establishing personal networks and participating in professional societies
May provide direction and support to less experienced security engineering staff to orient them and increase their understanding of more complex security analysis and design
May lead moderately complex security projects as assigned
Performs other duties as assigned or apparent
Proven ability performing moderately complex security analysis for information technology

215

IT Security Analyst Resume Examples & Samples

Conduct ongoing risk and vulnerability assessments on new or existing information systems and applications to identify vulnerabilities, risks, and data protection requirements
Conduct technical analysis of security products, patches, issues, and mandates necessary to support ongoing effort to continuously improve IT security
Conduct ongoing third party assessments to ensure security is well maintained
Continually look for emerging threats and possible attacks on PerkinElmer infrastructure and develop methods, approach to minimize impact
Perform regular vulnerability scans of the PerkinElmer network and work with the various system owners to track and remediate issues
Perform regular security scans for PerkinElmer applications and work with the application owners to track and remediate the issues
Monitor and analyze security logs and incidents for the infrastructure
Assist in managing IT security awareness program

216

IT Security Analyst Resume Examples & Samples

Identify existence of securable resources and assist LOB staff in selecting appropriate resource owners –Work with resource owners in LOB organizations to determine appropriate security policies for securable resources
Consult with IT technical services staff to evaluate, select, install, and configure hardware and software systems that provide appropriate security functions
Assist resource owners and IT staff in understanding and responding to security audit failures reported by internal and external auditing departments
May review operation logs and event console activity to determine cause of security events or to identify potential security related events
Advise security administration staff on normal and exception processing of security authorization requests
Document corporate security policies; maintain resource classification scheme; may be required on occasion to present information on security status, project status, and security training to audiences from management to field staff as appropriate
Proactively protect the integrity, confidentiality, and availability of information in the custody of or processed by the company by; responding in a timely manner to a loss or misuse of Information assets, participating in investigations of suspected information security misuse or in compliance reviews as requested by auditors, communicating unresolved security exposures, misuse, or noncompliance situations to management
Consult with IT management to ensure selection and use of realistic enforcement mechanisms
Aid in review of security policies and resource classification scheme; keep management informed of project status
Provide technical expertise and guide the administration of security tools that control and monitor information security, including; updating access control tables, setting up user logon Ids and assigning/resetting passwords, designing computer system access reports to identify possible security violations
Research, evaluate, design, test, recommend, and plan implementation of new or improved information security technologies; analyze new software applications or tool implementations for implications to existing security technologies
Train information owners in the implementation of necessary computer security controls or new/upgraded security technologies; develop and implement information security educational programs, conducting awareness seminars and workshops as appropriate
Maintain technical reference library: develop technical information materials and workshops on these new areas for IT as appropriate (i.e., website)
Bachelor's degree In Computer Science, Engineering, or related discipline; MBA desirable: equivalent experience acceptable; three years of information security experience
Minimum five years of experience in IT, with a broad range of exposure to business planning, systems analysis, and application development; three years of experience with information security
Two to three years of relevant business environment experience
Experience In data administration and security methods, plus experience in various database design techniques; CISSP, CSA, or CISA preferred
Working knowledge of RDBMS technology and remote access control systems, VPN strategies, firewall and perimeter and endpoint protections technologies
Working knowledge of intrusion detection prevention, data loss prevention and vulnerability management
Familiarity with multi-platform environments and their operational/security considerations
Experience as an auditor is highly valuable
The following qualities or experiences are desirable; demonstrated competency in strategic thinking with abilities in relationship management, successfully developed and implemented new technology, demonstrated competency in developing effective solutions to diverse and complex business problems
Ability to relate business requirements and risks to technology implementation for security-related issues
Technical proficiency in security-related technologies; ability to function as a consultant to other IT groups on security matters as a recognized technical expert
Proven ability to work under stress in emergencies; flexibility to handle pressure coming from all directions simultaneously
Confidence and leadership as a member of project teams in a cross-functional environment

217

IT Security Analyst Resume Examples & Samples

Support the Risk Manager regarding all aspects of the information security enterprise-wide risk management program, with minimal supervision. Responsibilities include facilitating the identification of risks throughout the organization, developing, reporting and monitoring formats on risk management issues and developing methodologies for the assessment of risks throughout the organization
Design various assessments in support of compliance, privacy or security requirements for the business. Lead assessments where appropriate
Implement process workflows in in support of compliance, privacy or security functions. Identify and escalate issues to leadership in a pragmatic, actionable manner. Review and approve procedural documentation
Assist in development and continuous reporting of metrics mapped to goals
Lead coordination, consultation, and assessment efforts to track and remediate events and alerts, directs response to related incidents, internal or external audits, and / or control assessments
Develop and configure monitoring systems to protect data, defining baselines and reports used for trend analysis
Identify, report, and assist in resolving privacy, compliance or security violations and control gaps
Lead feedback with other IT teams to protect data from compliance, privacy or security compromise
Review and approve policies and procedures for identifying, reporting, and resolving compliance, privacy and security violations
Contribute to the strategic direction of the Risk Management team, working in conjunction with the Risk Manager to develop new capabilities, process efficiencies and goals
Security Governance Development: Participate in the development, review, ongoing maintenance and development of security policies, standards, processes, procedures and requirements to facilitate the establishment of common administrative controls for the delivery of security capabilities. Provide Information Security guidance through all phases of a project when identified as a necessary resource
Security Awareness: Develop content for organization wide and targeted security awareness training. Present relevant information security topics through a variety of forums depending on the audience
The above statement of duties is not intended to be all inclusive and other duties will be assigned from time to time
Professional certifications from the following programs: GIAC; ISC2; ISACA; CISSP, GSEC, GCFA, GSNA or CISA
PCI DSS testing experience and SSAE16 SOC experience

218

IT Security Analyst Resume Examples & Samples

Perform user account administration for enterprise applications
Assist with creation or maintenance of documented identity and access control standards, processes, and procedures in accordance with company policy and best practices
Assist with the maintenance of identity and access management workflows
Assist with the identification of improvements to overall user access request processes
Assist with user access reviews, coordinating with managers and business contacts and taking proper action on identified exceptions
Work with more senior team members to contribute to team projects
Provide on-call support on a rotating basis for urgent issues, including after-hours support
0-2 years’ experience in a security-related function
Familiarity with role-based access control concepts
Familiarity with identity and access management audit requirements
CISSP, CISA, or GIAC Certification Preferred

219

IT Security Analyst Resume Examples & Samples

Create, manage and maintain user security awareness and education
Implements policy, manage and prioritize security vulnerabilities
Maintains current knowledge of technology by attending appropriate continuing education training/seminars and reading related periodicals
Familiar with process improvement and project management methodologies
Participates in Hospital/Network Committees as assigned
1 – 2 years of Healthcare experience is preferred

220

IT Security Analyst Resume Examples & Samples

Ensuring that our security awareness program properly articulates our security culture, addresses the top information security risks to our organization, and the behaviors that should be changed to mitigate those risks
Devising positive and relevant information security topics for our employees, to educate them on current threats and best practices
Maintaining the phishing program which includes creating phishing exercises and reporting the results to management
Being able to communicate complex communications or messages in a simple, clear, and concise manner to various staff within our organization including different cultures, nationalities, international locations, and languages
Staying abreast of a broad range of security topics and information security risk-related trends
Working with the IT Security Awareness Manager to produce and dispense multimedia communications for internal audiences, including blogs, intranet webpages, training modules, presentations, and emails
Crosstrain and provide coverage for other coworkers as needed
A working knowledge of IT Security frameworks, industry regulations, and standards, such as ISO, PCI, FFIEC, GLBA, GDPR, and their associated security controls
Prior experience with the development of information security policies and standards documents is preferred
An understanding of financial sector regulatory requirements is strongly preferred
Strong professional and technical writing skills
Staying abreast of financial regulatory changes and industry related information security topics and information security risk-related trends

221

IT Security Analyst Resume Examples & Samples

50%
Operational Support
Product Management
One year demonstrated proficiency with an Information Security Audit, Identity Management or Architecture function in a

222

IT Security Analyst Resume Examples & Samples

Perform IT internal audits
Manage External IT Audits
Perform network risk assessments and scans
Understand Enterprise Security policies and practices, HIPPAA, HITRUST, PCI
Create Standard Operating Procedures
Recommend security enhancements and purchases
Train staff on network and information security procedures
Ensures the safety of information systems assets and protects unauthorized access to systems
Coordinates and communicates ongoing tasks with other teams for detection, prevention, mass infection clean-up, host server updates, and customer notifications
Interfaces with user community to understand security needs and implements procedures to accommodate them
Ensures users understand and adhere to necessary procedures to maintain security
Documents and administers IT security policies and practices
Analyzes and resolves security issues promptly
Tracks industry trends and maintains knowledge of new technologies
Administer and maintain user and group security to company wide applications with a high degree of accuracy including: Processing of Requests, Service Restoration and Support of Entitlement Reviews and remediation of exceptions
Understand and enforce General Computing Controls
Communicate with end users through multiple intake requests systems
Develop and maintain procedure documentation
Execution of month end reporting
2+ years of Information Technology experience
Ability to effectively communicate clearly in both written and oral form
Ability to concurrently handle multiple tasks, and work closely with Infrastructure and other technical staff
Knowledge of domain structures, user authentication, and digital signatures
Ability to articulate security issues and concerns to management
Bachelor's degree or higher level of education or equivalent experience
1+ year of exposure to Application Security Administrator experience
Security certification
Experience with Request Tools
Incident Management process experience

223

IT Security Analyst Resume Examples & Samples

Event monitoring, analysis, responding, and reporting for IT security incidents IT Security Incident response
Threat detection, response, and management
Policy compliance monitoring
Collaboration with IT Security Services Engineers to enhance and fine tune existing IT Security Services components, technologies, and services
3 year job goals

224

IT Security Analyst Resume Examples & Samples

Bachelor’s degree in Information Security, Information Technology, or equivalent technical experience
10+ years IT Security experience including security architecture
Security related professional certifications preferred, include CISSP, CISM, etc
· Excellent communication and collaboration skills; strong influencer, knows how to adjust messages given the audience, creates and presents IT Security materials, strong knowledge of contractual language
Strong foundational knowledge in multiple information security domains such as access control, network security, operations security, application security, cryptography, computer forensics, security architecture and design, mobile device security, cloud security best practices
Experience working in a managed security environment
After hours work may be necessary to support outages or off-hours maintenance windows
Experience performing IT security risk assessments and gap analysis
Strong skills in IT security system design, analysis and problem solving
Understanding of Citrix, Cyber-Ark, ePO, FireEye, Linux, Windows Server, PKI, and Active Directory

225

IT Security Analyst Resume Examples & Samples

Assists Security Administrators with the implementation and tuning of policies for systems such as IDS/IPS, SIEM and DLP
Works with Security Architects in determining the proper systems and tools to protect company resources
Reviews security event logs and alerts from security systems and tools such as firewall, IDS/IPS, DLP, SIEM and syslog
Conducts examinations of computers, system logs, applications and network security events
Performs risk analyses and security assessments
Maintains knowledge of HIPAA, PCI, SOX, ISO27001 and NIST Cybersecurity Frameworks
Performs vendor security assessments in the continental US and overseas (passport required)
Tracks findings and remediation activity to completion
Guides and trains Security Analysts I in day to day operations
Assists with the establishment of corporate security policies and procedures to protect information assets against unauthorized access, modification and/or destruction
Participates in the development and maintenance of security awareness training
Provides reporting for trending and key performance indicators related to the information security program
3 years of experience as a Security Analyst
Demonstrated knowledge of HIPAA, PCI, SOX, ISO27000 or NIST Cybersecurity Framework
Experience managing IDS/IPS, penetration and vulnerability testing
Experience implementing or managing DLP, SIEM, anti-virus and anti-malware solutions
Fundamental knowledge of TCP/IP, computer networking, routing and switching concepts
Working knowledge of firewall and intrusion detection/prevention protocols
Windows, UNIX and Linux operating systems
Experience with network protocols and packet analysis tools
Detailed oriented self-starter and the ability to work independently with limited supervision and limited direction, and in collaborative team environments
B. S. in Computer Sciences or equivalent experience
Working knowledge of one or more of the following: Tripwire Enterprise, Tripwire IP360, Nessus, BeyondTrust Retina, Qradar, Trustwave TrustKeeper, Proofpoint, McAfee ePO/HBSS
About National General Holdings

226

IT Security Analyst Resume Examples & Samples

Tier I analysis of security related events and alarms generated by Black Knight infrastructure security tools, including IBM Security QRadar SIEM, Dell SecureWorks, Palo Alto, IDS/IPS Check Point SmartEvent, SmartDashboard, SmartLog and Websense TRITON Web and Data and Email Security Gateways
Experienced in one or more of the following InfoSec disciplines: Intrusion detection system (IDS) monitoring, incident response, information assurance, computer security best practices, SIEM Monitoring and techniques for analyzing TCP/IP network traffic and event logs
Good knowledge of the threat landscape, adversary tactics, techniques, and procedures (TTP), general attack stages, kill-chain and attack types
IBM Security QRadar SIEM
Network and host IDS/IPS monitoring and logging
Check Point Firewalls and Blade Technology
Firewall monitoring and logging, Check Point, Palo Alto, Cisco ASA
Antivirus monitoring and logging Symantec
Websense TRITON: Web Security Gateway, Data Security Gateway DLP, Email Security Gateway
Check Point SmartEvent, SmartDashboard, and SmartLog: Firewall activity blocks drops denies, Geo Protection, IPS events, Application and URL Filtering
Network and host DLP monitoring and logging, Websense TRITON
Web Security Gateway monitoring and logging, Websense TRITON
Email Security Gateway monitoring and logging, Websense TRITON
Infrastructure devices routers, switches, load balancers monitoring and logging
Experience with operating systems such as: Microsoft Windows XP/7/8, Linux, and UNIX
Experience working in a SOC, network operations center (NOC) or computer security incident response center (CSIRC)

227

IT Security Analyst Resume Examples & Samples

Obtaining security authorizations for systems under the authority of NCI-Frederick/FNLCR by conducting IT Security audits of the network and devices for Federal Information Security Management (FISMA) compliance
Privacy Impact Assessments (PIA)s of all Major/Minor/GSS systems
Ensuring NCI-Frederick/FNLCR information systems maintain appropriate operational security posture consistent with the FISMA, working in close collaboration with information system owners
Serving as an advisor on matters involving the security of NCI-Frederick/FNLCR information systems, and provides security awareness and training to NCI-Frederick personnel, customers, and users
Developing and ensuring compliance with FNCLR security policies, standards, and procedures
Monitoring NCI-Frederick/FNLCR information systems and environments of operations, including developing and updating security plans, managing and controlling changes to NCI-Frederick/FNLCR information systems, and assessing security impact
Developing and assessing information security requirements for NCI-Frederick/FNLCR, and ensuring information system owners integrate and implement security requirements into the design, development, and configuration of information systems
Coordinating security-related activities with the Information System Security Officers (ISSO), Information System Owners, and common control providers
Location will be mainly Frederick, MD but will also work 2 days a week in Rockville, MD
Possession of a Bachelor’s degree in job related field from an accredited college or university according to the Council for Higher Education Accreditation (CHEA) or four (4) years related experience in lieu of degree
Must have a current International Information Systems Security Certification Consortium (ISC2), Information Systems Audit and Control Association (ISACA), or Global Information Assurance Certification (GIAC) certification or obtain professional certification within six (6) months of hire
A minimum of six (6) years progressively responsible job related experience. Experience must include functioning as an analyst or equivalent for compliance auditing, information security, information systems, business operations, or related
Practical understanding and application of the NIST Risk Management Framework and FedRAMP requirements
Work independently and make decisions regarding complex issues with appropriate consultation of peers, cross-functional teams, and supervisors
Must be analytical and able to analyze complex information, synthesize disparate data sources, and communicate effectively
Must be able to develop technical documentation and non-technical presentations; and, express information in a clear, concise, and organized manner, both verbally and in writing
Must be detail-oriented and possess strong organizational and project management skills with the ability to prioritize multiple tasks/projects
Demonstrate working knowledge of standards and guidelines for Information Security published by the National Institute of Standards and Technology (NIST)
Working knowledge and expertise required for administering the information security aspects of information systems in compliance with regulations and directives of FISMA, the Office of Management and Budget (OMB), and the Health Insurance Portability and Accountability Act (HIPAA)
Proficient with Microsoft Office suite and online research tools, including open-source tools and methodologies
Must be able to obtain and maintain a Security Clearance
Location is in Frederick, but must be willing to travel to Rockville office two (2) days a week
Master degree a plus
Experience with regulatory compliance related to cloud security
Some understanding of Project Management principles
Knowledge of open-source assessment methodologies

228

IT Security Analyst Resume Examples & Samples

Provision internal and external user ID requests and ensure access to all systems have been granted
Provide technical support to end users both internal and external
After Hours Support – Occasionally
Weekend Support - Occasionally
Excellent customer focus to support a positive customer service climate, is a must
Excellent analytical skills to properly plan, test, and fully implement security related interfaces
Strong written and verbal communication and interpersonal skills
Must be an innovative and achievement oriented individual
Expertise with IBM’s Mainframe security system: (RACF – Resource Access Control Facility)
Expertise with distributed systems security environments (LDAP)
Experience with the provisioning tools associated with the above security systems (TIM, Domino Administrator, Active Directory tool)
Experience with Unix, Intel and Mainframe systems
Degree in Comuter Science or a related discipline and a minimum of three years work experience in Mainframe, Client/Server, and Web Based environments, including experience with security front end systems such as RACF and LDAP or an equivalent in education and work experience

229

Senior IT Security Analyst Resume Examples & Samples

Responsible for security event monitoring
Responsible for security incident report investigation, and incident handling working closely with internal team, HR and Legal to perform investigation of security incidents in accordance with company policy. Provide forensic analysis in support of investigations and the CDOC team when needed
Create/maintain rules, filters, dashboards, and reports in SIEM system to identify malware activity, misconfigurations, and/or anomalies
Research the latest information security trends
Conduct strategic analysis of existing, new and evolving network security technologies
Knowledge of vulnerability scanning using the Tenable Nessus system or other equivalent network vulnerability assessment tools
Provide subject matter expertise to IT Compliance during IT internal and external audits
Ability to research and understand the latest vulnerabilities and threats
Bachelor of Science Degree Computer Science, Information Technology, Engineering, or related field of study with 7 years of relevant working experience relevant to Information Technology OR
High School Diploma or GED with a minimum 10 years of experience working specifically in Information Technology
3 + years of hands-on experience working as a security analyst
Applicant must be a U.S. Citizen, lawful permanent resident of the U.S., OR a protected individual a defined by 8 U.S.C. 1324b (a) (3),”
Experience with one or more security product sets from the following :Palo Alto, Checkpoint, Bluecoat,FireEye, and Tenable RSA SecurID experience
Experience in malware analysis and remediation
Solid understanding of the underlying LINUX/UNIX & Windows OS security architecture
Ability to design, deploy, support Security Solutions
Excellent technical documentation skills
Passion for cybersecurity
Customer facing skills are highly required

230

IT Security Analyst Resume Examples & Samples

Provide leadership in managing security reviews, validating requirements, designing solutions to address business problems, understanding and recommending changes to existing controls and systems
Engage with key business stakeholders to understand requirements, perform business analysis, and architect / design security solutions
Understand network security fundamentals, cloud service delivery models, third-party collocation offerings, network security infrastructure providing guidance, consulting, and oversight functions to cloud project teams
Support and consult with OPC partner teams (IT, security operations, corporate governance, product development, etc.) on technical security & risk considerations
Identify and vet new security solutions, driving design and integration requirements
Demonstrate flexibility and resilience in response to changing or ambiguous situations
Lead time sensitive projects involving multiple cross-functional teams and large scale security considerations, delivering consistently positive results
Contribute to defining framework used by the organization to establish security principles and practices, participate on deep technical security reviews & risk mitigation
Stay current on industry trends and influence Oracle policies / processes / design patterns
BS or MS degree or equivalent experience relevant to functional area with 5+ years of related experience

231

Senior IT Security Analyst Resume Examples & Samples

Participate in SOX control and control monitoring activities
Lead the creation of enterprise security documents - policies, standards, baselines, guidelines and procedures
Lead planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan
Familiar with SAP Security and applications
Experience with process control networks in a manufacturing environment
Experience with Assessment and Accreditation documentation/packages
Industry credentials such as CISSP, CEH, GIAC or other IT security related certification
Continuous Improvement such as Lean Six Sigma experience

232

IT Security Analyst Resume Examples & Samples

College diploma or university degree (or equivalent experience) in the field of computer science, information systems or computer engineering
3-5 years of information security experience required
Certifications/Exams: CRISC, CISA, CISM, CISSP, GIAC, or equivalent certifications strongly preferred
Strong working knowledge of security and risk frameworks, standards, and best practices (i.e. PCI, HIPAA, ISO, NIST, COBIT, ITIL, etc.)
Familiarity with regulatory requirements (e.g., GLBA, HIPAA, PCI, SOX, etc.)
Proven experience implementing and managing IT and security audits
Exceptional analytical, conceptual and problem-solving abilities
Exceptional understanding of the organization’s goals and objective
Strong organizational skills, including the ability to meet deadlines and follow written policies and procedures
Ability to communicate ideas in both technical and business language
Team oriented and skilled in working within a collaborative environment
Superior written and oral communication skills

233

IT Security Analyst Resume Examples & Samples

Perform Ediscovery, Investigation and Business Continuity Collections/Preservations under limited supervision of an Analyst II or higher
Track and enter all metrics associated with Ediscovery, Investigations and Business Continuity requests into Workfront
Research Ediscovery, Investigations and Business Continuity requests and validate the results
Utilize Investigative tools and resources to assist with information required for custodian identity confirmation and collection
Follows established process for common requests and issues. Determines course of action on uncommon/unique requests
Assist in documenting workflows, process and procedures
Assist in documenting SOP’s
Act as an advocate for the EDIG team’s adherence to Dignity Health policies and SOP’s covering Information Governance and Access to other users data

234

IT Security Analyst Resume Examples & Samples

Review Master Services Agreements (MSAs) and other legal documents to ensure Slalom can meet client contractual requirements
Respond to new client requests regarding Slalom’s Information Security Program – for example, completing client risk assessments or request for proposals
Collaborating with the Director of Information Security to provide ad-hoc responses to the business to meet client requests
Collaborate with the Information Security and IT teams to build collateral to achieve efficiency in response, such as canned responses regarding our security controls or documentation outlining our security program
Track client requests to ensure timely responses
Where appropriate, work with the Information Security team to provide guidance and solutions to meet client requests
Prior experience with contract review or administration
2+ years of experience in related positions, such as sales or information security support, legal, or contract administration
Bachelor Degree in Business or equivalent subject area required
Strong interpersonal and communication skills, particularly working with teams and written communication
Good analysis skills, and ability to focus on detail and accuracy
Strong technology skills, including MSFT tools, and ability to learn new technology quickly
Positive, relationship-oriented attitude and communication style
Ability to work with many levels in the organization, support departments and business leaders
Respond creatively to issues, change and high growth, and stay calm under pressure
You love helping people and solving business problems
You are excited to continually improve on processes and how things get done
You are a self-starter with a creative energy and passion for problem solving
You want to be someplace where you not only share your ideas but you implement your solutions

235

IT Security Analyst Resume Examples & Samples

Develops test cases and procedures for validation of project related security requirements
Executes test cases and procedures to validate security requirements have been met prior to the deployment of the new/enhanced capabilities to Ross’ environment
Assist in researching and evaluating various methods to secure systems, networks, databases, and business applications in support of the project deliverables, related services and other IT organizations
Maintains system, database, or network devices minimum security baselines and automated scripts use for host security certification process
Performs host security certification to ensure compliance with minimum security baselines
Assist in the execution of project related penetration testing and source code security review, where applicable
Contributes in identifying resolution to security related problems by using creative thinking and problem solving
Contributes to the development of technical reports, departmental metric reporting and/or security related presentations
Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors
Monitors current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy, so that Ross Stores is warned in advance and is ready to be fully compliant with these requirements
Minimum of 3 years in Information Technology Security
Demonstrated experience in information security for applications, web architectures, operating systems, databases, and networks
Working knowledge of UNIX and Windows
Ability to articulate security issues in terms of business risk
Ability to analyze and solve complex problems
Excellent attention and orientation toward meticulous work
Proficient in Microsoft Office Products
Familiarity with firewalls, VPN, PKI, IPS, wireless, IPT, virtualization security, Oracle and MS SQL preferred

236

Senior IT Security Analyst Resume Examples & Samples

Bachelor's degree in Computer Science or a related discipline or equivalent direct work related experience; OR 4 Years of prior equivalent work related experience in addition to a degree
Five or more years of relevant work experience in Information Technology in addition to a degree
Advanced understanding of security principles – desires to improve security at Duke Energy
Experience analyzing and troubleshooting network traffic
Experience troubleshooting Layer 2 and Layer 3 issues
Experience with first hop redundancy protocols
Experience with VPN configuration and troubleshooting
Experience providing end to end network support for large enterprise
Experience assisting other teams with the analysis of application problems
Experience troubleshooting foundational protocols such as DNS, DHCP, and ARP
Current Cisco CCNA – credentials will be verified
Current Cisco CCNP – credentials will be verified
Experience with Cisco ASAs
Experience with CheckPoint Firewalls
Experience with Palo Alto Firewalls
Working knowledge of IPv6
PCI Compliance experience
NERC CIP Compliance experience
Experience troubleshooting across firewall infrastructure with various third party tools
Experience in Data Center environment
Ability to manage multiple tasks and assignments
Proven ability to speak and write about complex technical topics to a less technical audience
Demonstrated leadership identifying improvement opportunities and solutions
Two or four year degree in relevant field

237

IT Security Analyst Resume Examples & Samples

Bachelor’s degree or higher from an accredited institution OR High School diploma/GED with minimum four (4) years of IT Security experience
DNS, DHCP, IPAM Experience
3M relocation plans vary. For more information on the relocation plan for this position, please contact the internal contact listed on the requisition

238

Senior IT Security Analyst Resume Examples & Samples

Extensive knowledge of Microsoft OS, Unix, Linux, Oracle and application patching policies, processes, and procedures
Extensive knowledge of Internet and intranet security requirements, vulnerabilities
Considerable knowledge of authentication systems
Knowledge of state and federal laws pertaining to emergency preparedness and management of disasters; state, federal and local emergency operation systems and emergency response and recovery principles and concepts
In-depth understanding of the OSI model and TCP/IP
In-depth understanding and experience supporting the security requirements for at least one of the technical disciplines of networking, application development, databases, or web enabled services
Strong understanding of performing vulnerability scans using popular open source scanning tools
Excellent time management and organizational skills, specifically managing multiple concurrent tasks
Ability to provide technical direction and assistance to technology staff related to security features and requirements
Ability to fully understand the requirements of Commonwealth Security standards and to work with agency management and users to implement those requirements
Ability to analyze and evaluate security solutions/components for business requirements
Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, professionalism, and confidence
Experience supporting an overall risk management process for the agency
Experience with IT governance, policies, controls, and compliance
Experience in monitoring and protecting the attack surfaces
CISSP (Certified Information Systems Security Professional) certification or other IT system administration certification preferred
Bachelor’s degree in information security, computer science, information technology, mathematics, engineering, or related field preferred; or an equivalent combination of training and experience can substitute

239

IT Security Analyst Resume Examples & Samples

Execute the Enterprise IAM strategy and reference architecture, including standards and frameworks aligned to the overall business strategy
Execute alignment of the IAM program with over-arching business needs by driving meaningful collaboration with program stakeholders
Collaborate with business/process owners to learn about their IAM needs and effectively communicate the benefits of IAM in security, technology administration efficiency, compliance, and business agility while still achieving project plan goals and milestones
Document and track logical and physical access control rules and rights for each group of users in the form of standard user access profiles based on need-to-know, need-to-share, least privilege and other relevant requirements
Process second and third level requests associated with IAM functionality and solutions
Periodically review and recertify identities across the enterprise to ensure they are still valid and that users continue to have minimum access necessary to perform their specific job function
Understanding of IAM concepts, including but not limited to user provisioning; entitlement review and certification; multi-factor authentication; enterprise directory architecture and design; Role-Based Access Control; Attribute-Based Access Control; single sign on; identity federation; privileged access management
Technical understanding of IAM and service lifecycles
Familiarity with a broad range of IAM technologies and experience in one IAM tool such as Oracle, SailPoint, CA, IBM
Demonstrated knowledge in governance frameworks including: ISO 27001, NIST CSF, COBIT, ITIL

240

IT Security Analyst Resume Examples & Samples

Assist with Incident Response and Incident Management activities, including incident triaging, containment, eradication, recovery, notification, and executive reporting
Coordinate with SOC and SIEM teams to perform real-time incident analysis and root cause analysis reporting
Assist with network, device, system, and malware forensics activities; coordinate with appropriate teams to gain access to devices for forensics analysis, as necessary
Assist to build a comprehensive Incident Management and Forensics program, including developing an Incident Management Playbook to be used for responding to security incidents, performing tabletop exercises, etc
Assist to plan and facilitate Incident Response tabletop exercises; identify and document lessons learned from exercises, report learnings to executive leadership, and integrate lessons learned into the Indecent Management Playbook
Understanding of the phases of the Incident Response Life Cycle
Understanding of concepts such as incident scoping, incident containment, forensic analysis, and remediation
Understanding of information security threats affecting the healthcare industry
Understanding of risk-based decision-making (i.e. risk analysis, mitigation, resolution, acceptance, etc.)

241

IT Security Analyst Resume Examples & Samples

Develop, implement, and maintain a threat and vulnerability identification, verification, and management services program; identify system logging needs and work with the Security Operations Center (SOC) to ensure appropriate monitoring
Collaborate with business and technology stakeholders to identify and track assets and develop processes for routine vulnerability scans; conduct vulnerability scanning and remediation activities
Evaluate new technologies and processes that may enhance the security posture of the organization
Develop, implement, and maintain structured processes to measure the effectiveness of vulnerability assessment and threat intelligence activities
Mitigate technical vulnerabilities as they are identified; conduct threat intelligence activities and coordinate relevant threat communications to business and technology stakeholders
Develop TVM metric reports to be delivered to the CISO and executive management team
Update processes and activities in response to feedback from customers, internal reviews, lessons learned from tabletop exercises and real incidents, and assessments of the changing threat and vulnerability environment
Understanding of TVM processes such as Security Incident and Event Management (SIEM), vulnerability scanning, endpoint security (e.g., anti-virus), continuous monitoring, advanced malware identification (e.g., FireEye), and forensic investigations
Understanding of system security vulnerabilities and remediation techniques
Understanding of the cyber kill chain and threat intelligence lifecycle
Understanding of cyber tactics and procedures to counter threats
Demonstrated awareness of the latest cybersecurity trends and developments
Knowledge of governance frameworks including but not limited to: ISO 27001, NIST CSF, COBIT, ITIL

242

IT Security Analyst Resume Examples & Samples

Act as a knowledgeable expert in the SIEM solution and maintain SIEM day to day operations
Work with external teams to ensure all necessary logging sources are reporting to the SIEM
Develop, implement, and maintain structured processes to measure the effectiveness of vulnerability assessment activities
Creation of technically detailed reports on the status of the SIEM to include metrics on items such as number of logging sources; log collection rate, and server performance

243

IT Security Analyst Resume Examples & Samples

Work with oversight committees and privacy, legal, and compliance stakeholders to develop enterprise-level information security compliance policies that address purpose, scope, and policy directives
Monitor and analyze a register of legal, regulatory, industry, and contractual information security compliance requirements
Work with the CISO and other Security Governance leaders to implement a strategy for addressing compliance and security requirements for third parties; provide periodic updates on information security compliance status
Track, analyze, remediate, and report on outstanding information security audit findings related to third parties/vendors
Identify, monitor, resolve, and/or escalate information security compliance issues
Conduct third party information security assessments and on-going third party assurance activities, including assessing outsourced information security activities; provide support for joint venture, merger and acquisition, and divestiture security assessments/reviews
Prepare reports to provide to the CISO and executive management team
Knowledge of governance frameworks, including but not limited to: ISO 27001, NIST CSF, COBIT, ITIL
Knowledge of regulations, industry standards, and/or contractual obligations, including but not limited to: HIPAA, PCI DSS, Sarbanes Oxley, GLBA, SOC /SSAE16, HITRUST, etc

244

IT Security Analyst Resume Examples & Samples

Administer, support and improve Vertiv’s Security Operations Service Components
Automate the gathering, parsing and reporting of security events from various Endpoint security components
Perform routine auditing of system configuration compliance
Perform daily tasks based on internal work instructions and documentation
Escalate and collaborate with senior technical peer within region as assistance is needed
Participate in information gathering during the troubleshooting of any major issues
Participate in process and procedure improvement
Maintain and support complex internal security infrastructure used to deliver Managed Security Services
Responsible for supporting managed client devices such as patch management, software delivery, AV Solution, Mobile Device management, Web Filtering, Vulnerability Scanner, Active Identity, and Encryption
Responsible for the completion/documentation of daily tasks specific to each client’s statement of work and service definition
Responsible to close tickets related to Security Service Operations Issues or Requests
Act as a technical consultant to the enterprise and leads research, and prototyping of innovative technologies and products
Ensure the technology and architectural roadmap of engineering is properly aligned with and supports the product/business roadmap
Technical lead of assigned security service component(s)
Must be willing to work extended hours on an as needed basis
Must be willing and able to travel to remote Vertiv locations for periodical training
3-4 years of related experience in IT including security and project(s)
BA/BS in Business Administration, Information Technology or related area, may be substituted with years of experience in field
Security related certifications are a plus but not required

245

IT Security Analyst Resume Examples & Samples

Running Security assessments against customer hosted services
Elaborate reports for reporting risks resulting from Internal and/or external assessments or audits
Define, document, maintain, communicate security services for Cloud Services
Manage the Security Services Delivery to ensure that services are being delivered as per contracts
Posess an understanding of security standards and risk management

246

IT Security Analyst Resume Examples & Samples

Work within the Security team to develop, implement, test and document security control systems and equipment, including prototypes
Research new technologies, processes, and configurations to effectively protect the network. Provide recommendations based on research
Analyze reports and other data to identify trends and concerns
Bachelor’s degree in Computer Science, Programming, Engineering or a related field
Excellent communication skills including written, verbal, presentation and facilitation
CompTIA Security+ certification
Must be able to work in a potentially stressful environment
Position is in a busy, non-smoking office located in downtown Phoenix, AZ
Must be able to frequently lift and carry up to ten (10) pounds
Personal protective equipment is required when performing work in a mine, outdoor, manufacturing or plant environment, including hard hat, hearing protection, safety glasses, safety footwear, and as needed, respirator, rubber steel-toe boots, protective clothing, gloves and any other protective equipment as required
Freeport-McMoRan promotes a drug/alcohol free work environment through the use of mandatory pre-employment drug testing and on-going random drug testing

247

IT Security Analyst Resume Examples & Samples

Develops and publishes Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements
Coordinates responses to information security incidents and fraudulent activity
Assists in creating/updating documentation of all procedures within the Systems and Security Operations Center
Acts as back-up for SSOC Operations Analysts, as needed
Performs Security Incident Response activities as directed by the Incident Response Plan
Conduct corporate-wide data classification assessment and security audits and manage remediation plans
Manages security compliancy to exceed PCI DSS 2.x
Manages SSOC security toolsets. Report on SSOC activities and performance to Operations Center leadership
Initiates corrective action or carries out instructions to resolve security related issues or system errors
Recognizes potential, successful and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
Recognizes and identifies potential areas where existing policies and procedures require change, or where new ones need to be developed, especially regarding future business expansion or compliance related areas
Prepares documentation, including corporate security policies and procedures, production/deployment notifications and security alerts
Conducts platform or operating system vulnerability scans which assess exposure of system to attacks or hacking. Responds to questions regarding viral activity, concerns about spam/phishing etc. Produces quarterly passing attestation reports for PCI compliance
Facilitates teamwork and shows commitment to organizational objectives
Provides backup support for incoming Service Desk calls and email

248

IT Security Analyst Resume Examples & Samples

Working with Senior IT Security and IT Security Engineers, assists with penetration testing, incident handling/digital forensics, continuous monitoring, intrusion detection/prevention)
Functions equally well in abstract, conceptual, and architectural work as in granular technical implementation and configuration work
Implement tools, processes, and communications that support information security initiatives
Participate in tactical projects as they arise to clarify and respond to identified security risks across different technical domains
Operate Information security tools and processes
Execute established security practices with consistency and discipline
Collaborate with engineers to implement standardized practices and follow routine processes to promote secure systems
Operate, observe, and analyze security practices
Process service request tickets efficiently and reliably
Performs Correction of Errors (CoE) of all incidents, often with members of other teams
Monitors and tests fixes and patches to ensure problems have been adequately resolved
Assists in the development of security policies and procedures
Continuously monitors tools for events that could lead to a breach
Bachelor’s Degree or equivalent experience required
3 years minimum of relevant experience in local and wide area networking and communications within a multi-platform environment
Experience analyzing network, event, and security logs, and/or IDS alert logs

249

IT Security Analyst Resume Examples & Samples

Responsible for understanding Cloud's information security risk appetite and how this may evolve
Responsible for managing business information security risks; ensuring that adequate controls are defined, owned and implemented to reduce risks to an acceptable level
Responsible for engaging with staff so they are aware of, and understand their information security responsibilities as employees; and
Proven experience of developing and delivering Information Security awareness training to others
Well-developed communication and interpersonal skills

250

IT Security Analyst Resume Examples & Samples

Assist in performing risk assessments and penetration testing of internally- and commercially-developed applications (web, desktop, and mobile) systems
Assist in evaluating and developing the security controls for Omnicom/DDB IT solutions of all types (mobile, web, client-server, etc) both pre- and post‐implementation
Assist in managing and deploying large-scale Omnicom/DDB security projects and initiatives across the organization
Assist in ongoing Omnicom/DDB security-centric processes such as organization-wide vulnerability scanning and remediation activities
Actively participate and assist in managing Omnicom/DDB organizational information security awareness and communications efforts
Maintain current knowledge of security vulnerabilities, threats, and industry best-practices
Assist in managing various Omnicom/DDB information security policies, standards, and guidance
Assist in developing and implementing an annual personal education plan to develop and maintain currency of security-‐related skills, technologies, methodologies, and best practices
Participate in appropriate and relevant conferences and courses to maintain technical proficiency
Monitoring security tools and systems for suspicious activity
Investigating suspicious activity and determining escalation paths
Experiment with different domains of information security
A strong, confident communicator who can interface with and provide security guidance to members of the organization across departments and at all levels as well as our external partners
A bachelor’s degree or 5+ years of experience working in and around the Information Security domain and Cybersecurity
AWS, Azure, Google security experience
Strong work ethic, desire to be challenged, and desire to learn
Able to operate in a highly social and collaborative workplace
Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly
A passion for staying ahead of Information Security developments and threat landscapes
Experience working in a SOC environment is necessary in addition to understanding how a 24x7 environment works supporting commercial and/or government clients
Knowledge of Linix operating systems and command line tools
Possession of excellent initiative and critical thinking skills
Entry-to-intermediate level certifications that demonstrate a basic knowledge of security concepts (e.g., Security+, GSEC, CEH) and especially hands-on technical ability (e.g. OSCP) are a plus

Download IT Security Analyst Resume Sample as Image file

Related Job Titles

IT Security Consultant Resume Sample

Security Analyst Resume Sample

IT Security Resume Sample

Security Business Analyst Resume Sample

Data Security Analyst Resume Sample

Info Security Analyst Resume Sample

Information Security Risk Analyst Resume Sample

Analyst, IT Security Resume Sample

System Security Analyst Resume Sample

IT Security Risk Resume Sample

Systems Security Analyst Resume Sample

Senior IT Security Resume Sample

Browse More

IT Security Analyst Resume Samples

The Guide To Resume Tailoring

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Resume Builder

15 IT Security Analyst resume templates

Read our complete resume writing guides

How to Tailor Your Resume

How to Make a Resume

How to Mention Achievements

Work Experience in Resume

50+ Skills to Put on a Resume

How and Why Put Hobbies

Top 22 Fonts for Your Resume

50 Best Resume Tips

200+ Action Words to Use

Internship Resume

Killer Resume Summary

Write a Resume Objective

What to Put on a Resume

How Long Should a Resume Be

The Best Resume Format

How to List Education

CV vs. Resume: The Difference

Include Contact Information

Resume Format PDF vs Word

How to Write a Student Resume

Lead IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

Senior IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

Senior IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst, Junior Resume Examples & Samples

Senior IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

Senior IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

Senior IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

Senior IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

Senior IT Security Analyst Resume Examples & Samples

Senior IT Security Analyst Resume Examples & Samples

IT Security Analyst Resume Examples & Samples

How to Make
a Resume

50 Best
Resume Tips

200+ Action
Words to Use

Internship
Resume