Senior Security Analyst Resume Samples


The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the senior security analyst job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Chance Tromp
2110 Eleonore Brooks, Detroit, MI
Phone: +1 (555) 143 4789
Experience
Senior Security Analyst
Sipes, Fritsch and Champlin, Dallas, TX
  • Assist with the development of the FIRM's plans to adopt the NIST Cyber Security Framework
  • Provide security input into medium to high complexity development efforts that may impact security
  • Establish and maintain effective communications and relationships across departments, business areas and vendors
  • Perform liaison at outside conferences, events and companies
  • Provide security advisement to fellow team members and other associates
  • Develop relationships with external security organizations to maintain awareness of security issues and trends
  • Ensure prudent use of firm's financial resources
Senior Security Analyst
Bernhard, McDermott and Greenfelder, New York, NY
  • Deep technical expertise in at least one of the domain areas: Access Control Systems and Methodology, Telecommunications and Network Security, Business Continuity Planning and Disaster Recovery Planning, Security Management Practices, Security Architecture and Models, Law, Investigation, and Ethics, Application and Systems Development Security, Cryptography, Computer Operations Security, and Physical Security
  • Utilize various information security solutions, and associated security event data, for the global enterprise, such as, but not limited to web security solutions (web gateway, web application firewall), endpoint security solutions (antivirus, desktop firewall, web content filtering, intrusion prevention), encryption and certificate management solutions (full disk, file/folder, PKI), data leakage protection (DLP), and other solutions used to ensure regulatory and corporate policy compliance
  • Support Security Site Surveys of launch sites new to the EELV program; evaluate Launch Services Provider's Program Protection Plan; Facilitates CSOSA Agreements between NASA, CCAFS, and LSP; assess security and information assurance risks arising from any of the above activities, weekly coordination meetings with security representatives at CCAFS and VAFB to coordinate activities and work products across locations
  • Manage and operate all security solutions and technology used in cyber security to provide protection and regulatory compliance
  • Responsible for an organizational continuous improvement program, including the development of processes and procedures to drive consistency and quality across the organization
  • Gathers research covering latest security threats and vulnerabilities. Identifies weaknesses and exposures. Recommends protection and mitigation strategies for peer review, input and feedback. Presents recommendation to key stakeholders for further input, feedback and/or approval
  • Partners across the Enterprise Security Services organization and key business areas to facilitate alignment with security governance practices and compliance with corporate policies and standards, and control frameworks
GIS Senior Security Analyst
Hermiston Group, New York, NY (present)
  • Assist in the development of new approaches that will allow greater standardization and more effective management of information security metrics
  • Monitor host and network detection systems, assist with operations, maintenance and configuration oversight
  • Assist with post mortem analyses of information security breaches, violations and incidents to identify root cause and lessons learned
  • Provide in-depth technical input for investigations of information security incidents including internal/external fraud, hacking attempts, and system outages
  • Perform detailed forensic analysis of assets, including logs, malware samples, hard drive images, etc
  • Reconstruct events of a compromise by creating a timeline via correlation of forensic data
  • Assists with incident management response and analysis services on behalf of the Information Security function as a primary member of the computer security incident response team (CSIRT), including Tier 1 through 3 analysis for the full scope and lifecycle of incident response (i.e. identification through closure including post-mortem and lessons learned) following industry established best practices in addition to being in accordance with Company-specific policies and standards
Education
Bachelor’s Degree in Computer Science
University of Georgia
Skills
  • Ownership and accountability for deliverables
  • Manage secure configurations baselines and monitor compliance to reduce vulnerability threat profile
  • Solid written and verbal communications skills and ability to work collaboratively
  • Self-motivated with the ability and maturity to make decisions in the absence of detailed instructions
  • Highly motivated self-starter with ability to work independently or with a team
  • Knowledge of SDLC, SIEM, DLP, Vulnerability Analysis and Enterprise Architecture
  • Demonstrates solid experience in technology and processes related to Anti-Virus, Vulnerability Assessment, Intrusion Detection Systems and Incident Response
  • Demonstrates solid problem identification skills and the ability to handle problems at times of a complex nature
  • Illustrates solid knowledge of IT development processes and techniques
  • A solid understanding and knowledge of LDAP

15 Senior Security Analyst resume templates

1

Senior Security Analyst Resume Examples & Samples

  • Leading the IT Security Team
  • Coordinate with Corporate and Segment in compliance of IT Security policies and standards and relating activities
  • Develop and maintain business unit information security policies and standards for IT security enforcement and compliance
  • Identify potential security threats and initiate IT security related project/ product evaluation
  • Provide advice and recommendation on detailed plans and procedures to deliver IT security solution
  • Act as the security architect and participate in IT Architecture Team
  • Advise on risk and security implications of daily IT security operations and IT projects within the context of security compliance
  • Plan and execute security checks on IT assets, security risk assessment and internal security compliance review
  • Liaise with Corporate Security and escalate business unit security incidents to Corporate, where appropriate
  • Follow up with users for any non-compliance issues and coordinate plans for remediation/ mitigation of risks and exposure
  • Promote and raise awareness of IT security
  • A degree in Computer Science or related equivalent
  • At least 7 years working experience related to information security service and consultancy (Candidate with less experience might be considered as Security Analyst)
  • Holder of CISSP, SSCP or CAP qualification
  • Solid experience in implementation of IT security management such as BS7799, ISO 27001
  • Strong experience in defining and implementing security policies and procedures including formulating security strategy, designing security framework and architecture, performing security risk assessments in-line with industry and best practices
  • Business related security consulting experience is preferred rather than simply technical security knowledge
  • Maintain up-to-date market knowledge of security threats and product enhancements related to IT security
  • Knowledge of risk management methodology will be an advantage
  • Effective problem solving, supervisory and coaching skills
  • Fluent in English and Cantonese both oral & written for report writing & presentations
2

Senior Security Analyst Resume Examples & Samples

  • Perform information security risk assessment on new applications and changes to applications
  • Reports IS gaps to IT as applicable with appropriate recommendations
  • Recommend security solutions according to Security Policy and Practices established by Citigroup
  • Promote awareness of current policies and standards as well as revisions and developments; provide consistent interpretation of policy to IT
  • Establish and maintain relationships with domain architects, project managers and others within the technology development unit
  • 5-10 years of information security knowledge, IT risks and controls assessment
  • Application security risk assessment experience is desirable
  • Good understanding of the information control areas including authentication, authorization, access control, auditing and cryptography for applications
  • Knowledge of OWASP guidelines for application
  • Knowledge of software development processes, integration of security assessments in SDLC process and secure coding is desirable
  • Experience with vulnerability assessment and related risk assessment tools and/or application development experience is a plus
  • Proficient in MS Office products particularly PowerPoint & Excel
  • Professional certifications such as CISSP and CSSLP or willingness to obtain certification within 12-18 months of start date
3

Senior Security Analyst Resume Examples & Samples

  • 7-10 years of Information Security knowledge, IT Risks and Controls assessment
  • Application Security risk assessment experience is required
  • Very good understanding of the Information control areas including Authentication, Authorization, Access Control, auditing, cryptography for applications
  • Has knowledge of OWASP Guidelines for Application
  • Has knowledge of software development processes, integration of security assessments in SDLC process, secure coding is required
  • Has experience with vulnerability assessment and related risk assessment tools and/or application development experience is a plus
  • Proficient in MS Office products, particularly PowerPoint & Excel. Exhibit strong influencing/negotiation skills as well as written/verbal communication skills
  • Very good problem solving, analytical skills
  • Fluent in English and good communicator
4

Senior Security Analyst Resume Examples & Samples

  • 5-10 years of Information Security knowledge, IT Risks and Controls assessment
  • Application Security risk assessment experience is desirable
  • Good understanding of the information control areas including Authentication, Authorization, Access Control, Auditing, Cryptography for applications
  • Proficient in MS Office products, particularly PowerPoint & Excel
  • Exhibit strong influencing/negotiation skills as well as written/verbal communication skills
5

Senior Security Analyst Resume Examples & Samples

  • 7-10 years of Information Security knowledge, IT risks and controls assessment
  • Application security risk assessment experience is required
  • Very good understanding of the information control areas including authentication, authorization, access control, auditing, cryptography for applications
  • Knowledge of software development processes, integration of security assessments in SDLC process, secure coding is required
  • Very good problem solving, analytical skills
6

Senior Security Analyst Resume Examples & Samples

  • Recommend security solutions according to security policy and practices established by Citigroup
  • Promote awareness of current policies & standards as well as revisions and developments; provide consistent interpretation of policy to IT
  • Good understanding of the Information control areas including authentication, authorization, access control, auditing and cryptography for applications
  • Knowledge of OWASP Guidelines for application
  • Exhibit strong influencing / negotiation skills as well as written / verbal communication skills
7

Senior Security Analyst Resume Examples & Samples

  • IT Security Policies and Standards (ISPS)
  • Minimum Security Baselines (MSB)
  • Provide functional project, reporting, and analysis support for Information Security data analysis activities
  • Solve problems and make recommendations related to systems & the management of information
  • Work with cross-organizational teams to assure that systems and processes support business requirements
  • Design, development, maintenance, and support of MS SQL data warehouse that provide information and analytics in support of operational activities
  • Three or more years of professional database engineering and/or administration experience. Experienced in the design, development, maintenance, administration, and support of relational databases (MS SQL)
  • Expert knowledge of Microsoft SQL Server 2008 including Reporting Services (SSRS) and Integration Services (SSIS)
  • Expert proficiency with SQL languages (SQL, T-SQL) with advanced analytic SQL functions skills on the Microsoft SQL Server database platform
  • Strong understanding of systems administration and/or coding principles and concepts; queries, views, procedures, and jobs
  • Experience with web development technologies (.NET, HTML, XML, Servlets, REST, Tomcat, PHP, JSP)
  • Familiar with the benefits and challenges of large data sets and systems
  • Brings intellectual curiosity and creativeness to work every day
  • Ability to solve difficult problems in innovative ways
  • Top-notch analytical skills
  • Passionate about using data to solve pressing and/or difficult questions
  • Excellent communication abilities, both written and verbal, with the ability to communicate clearly and effectively based on the audience
  • Desire to work in a cross-functional and highly collaborative environment
  • Demonstrated ability to deliver on commitments to themselves, the team, and their customers
  • Comfortable pushing for more information or detail when prudent
  • Experience with business intelligence tools, reporting and data mining in data warehouse environment is a plus
  • ITIL Foundations
  • Some GIAC certification
  • Some college courses or associate’s degree with focus in engineering, sciences, or IT
8

IT Senior Security Analyst Resume Examples & Samples

  • Manage and evolve the Corporate Information Security policies, processes, standards and procedures in accordance with ISO 27001 and the SSAE 16
  • Formalize, implement and perform the ongoing management of a Corporate-wide Security Awareness Program
  • Manage the effective use of internal and multiple external team resources and participate in the consultation with the IT Security team in the implementation of practices, technical and administrative changes relative to the secure transmission and storage of data, access to computer networks, use of computer resources and the appropriateness of the security architecture
  • Assist in the CSIRT process enhancement and ongoing development to strengthen Russell’s incident response capability
  • Assist in the investigation process in response to information security incidents and events. Ensure appropriate management reporting takes place and an incident process exists that incorporates chain of custody records, reporting procedures, and appropriate forensics methods and technologies
  • Participate in information security audits performed by Internal Audit and external auditors, including the development of management responses and remediation of exceptions; assist the audit work in the scope of Russell’s corporate finance audit and the SSAE review
  • Assist in the active promotion of the awareness of security policies and practices with external technical support services; conduct information security training sessions for associates and external business partners
  • Manage and evolve the existing data loss prevention policy in accordance with Information Security and Corporate Compliance guidelines
  • Bachelor’s degree preferred; Master’s degree and/or advanced education in computing security, risk management, audit and controls is preferred
  • Certified Information Security Manager (CISM) preferred
  • A proven track record of having developed and implemented a corporate-wide Security Awareness Program
  • Extensive knowledge of security best practices including identity and access management, data loss prevention and incident management; project management; and policy establishment
  • Experience in both direct and indirect management responsibilities (via an outsourced or managed security-as-a-service provider) is required
  • The ability to communicate (both written and oral) in a tactful, responsive and timely manner across multiple internal organizations is essential
  • The ability to manage multiple assignments and priorities is mandatory
9

Senior Security Analyst Resume Examples & Samples

  • Possesses a university degree/college diploma in Science or equivalent work experience
  • 3-5+ years IT experience in Information Security
  • Experience with Security Event Management
  • Experience with Intrusion Detection
  • Solid experience in Network Security
  • Possesses expert knowledge of ArcSight Logger and Enterprise Security Manager and similar security information management and analytical tools
  • Completion of security certifications (i.e. CISSP, SANS, CISA, CISM, etc.) is considered an asset
  • Demonstrates solid experience in technology and processes related to Anti-Virus, Vulnerability Assessment, Intrusion Detection Systems and Incident Response
  • Displays advanced knowledge of network security and Windows/UNIX/mainframe security desirable, along with past experience designing/implementing high availability security systems in a large heterogeneous IT environment (10,000+ users)
  • Illustrates solid knowledge of IT development processes and techniques
  • Possesses solid communication and presentation skills, both verbal and written
  • Ability to supervise activities of junior team members
  • Displays solid analytical skills, including basic statistical analysis
  • Maintains a solid ability to work in high pressure or crisis situations
  • Exhibits advanced problem analysis and resolution techniques in the field of information security
10

Senior Security Analyst Resume Examples & Samples

  • Perform active security event monitoring of the BMOFG Enterprise utilizing a variety of
  • Possesses a university degree/college diploma in Computer Science, IT related disciplines or equivalent work experience, and/or 5+ years of IT experience with at least 3 years of hands-
  • Completion of security certifications (CISSP, GCIA, GCIH, GREM, CEH, CIH, CISA, CISM, etc.) is preferred
  • Demonstrates solid experience with technology and processes related to Anti-Virus, Intrusion Detection/Prevention, Proxy, Firewall, SIEM, and/or Vulnerability Assessments, and Incident Response
  • Displays a solid knowledge/understanding of TCP/IP networks, security and traffic analysis
  • Displays a solid knowledge/understanding of networking principles such as routing, protocols, network applications, etc
  • Displays a solid knowledge/understanding of desktop, server and mobile operating systems and security features/configurations
  • Demonstrates solid knowledge/understanding of the Incident Response life cycle, the Cyber
  • Possesses solid communication skills, both verbal and written
  • Possesses solid analytical skills, including statistical analysis and trending techniques
  • Possesses solid facilitation, conflict and issues resolution and escalation skills
  • Possesses solid knowledge of risk assessment and quantification methodologies
  • Demonstrates potential for leadership and commitment to continuous learning in a dynamic environment
11

Technology Senior Security Analyst Resume Examples & Samples

  • Minimum Security Baselines
  • Perform barrier analysis on vulnerability remediation and work with Information Security and Operations teams to identify and implement corrective measures
  • Develop reports that reflect vulnerability management program effectiveness and efficiency and perform targeted historical analysis; review historical trending data and recommend improvement opportunities
  • Work with Security Architecture and technology stakeholders to inform the development of Minimum Baseline Standards for secure configuration
  • Vulnerability Management Program Support: Meeting facilitation, activity measurement, customer engagement, and program education
  • Remediation Barrier Analysis: Analyze remediation failures and work with Information Security and Operations teams to identify and implement corrective measures
  • Proven knowledge of core Internet and networking protocols (DNS, DHCP, TCP/IP, ARP, HTTP, HTTP/S, SSH) and IP communication is required
  • Ability to work effectively in a cross-functional and highly collaborative environment; shares responsibility well and is flexible in work assignments
  • Able to engage individuals and teams to evangelize processes, provide guidance constructively and in the context of the business need
  • Able to remain productive despite ambiguity; uses professional concepts and company objectives to resolve complex issues creatively and effectively
  • Demonstrated experience in systems administration, application infrastructure support and middleware operation
  • Some experience with SQL languages (SQL, T-SQL) with advanced analytic SQL functions skills on the Microsoft SQL Server database platform
12

Senior Security Analyst Resume Examples & Samples

  • Perform security testing of various IT network infrastructures, including vulnerability assessment scan, penetration testing, and other testing techniques
  • Act as subject matter expert for website security and associated internet facing components, such as secure coding practices, application security best practices and domain name infrastructure protection
  • Collaborate with various Bell’s internal stakeholders that include Procurement, Legal, Trademarks, Branding, IT & other security stakeholders as well as external partners
  • Analyse security information and artifacts such as scan results, logs, and files
  • Document analysis results, produce report and present to technical and executive stakeholders
  • Participate and contribute to the various activities of the Corporate Security Information Protection group, such as digital forensics, cyber threat intelligence and incident response support
  • Degree in technology-related field, or equivalent work- or education-related experience
  • Bachelor’s degree in technology-related field, or in computer science with a specialization in telecommunications, or the equivalent
  • In depth knowledge of security testing tools and methodologies, including penetration testing and vulnerability assessment tools, and associated result analysis
  • In depth knowledge of network-based and host-based artifacts analysis and forensics
  • In-depth knowledge of and experience with standards such as ISO 27002, 17799, ITIL, COBIT, NIST, PCI, ISF and others
  • The following certifications are an asset: OPST, CEH, GIAC, PWK, ITIL, CISSP, CISM and CISA
  • Sound document writing skills
  • Initiative
  • Sense of collaboration (teamwork)
  • Ability to influence
13

Senior Security Analyst Pim Ak Resume Examples & Samples

  • Security reviews of third party engagements
  • Incident Monitoring and Reporting related to Data Loss Prevention, Key Risk Indicators, Management reporting
  • Exceptions review and processing
  • A strong control / compliance consciousness; prior experience in a governance and/or control function is preferable
  • Understanding / experience with Technology (e.g., network, internet, software platforms, etc.)
  • Project Management experience; experience with managing cross business unit projects a definite plus
  • Asset Management experience is a plus
  • CISSP certification is desirable but not required
  • Strong communication and partnering skills
  • Initiative and drive for results
  • Ability to work independently and on a team
  • Proficient in Microsoft Office products (Word, Excel)
14

Senior Security Analyst Resume Examples & Samples

  • Proven visionary leader that will challenge the status quo and appropriately leverage the latest in technology
  • Effective Leadership
  • In-depth understanding of technology in direct responsibility
  • General understanding of related technologies
  • Knowledge of industry and market trends
  • Proven visionary capable of developing and managing both the tactical and strategic directions of the infrastructure
  • Advanced University Degree or equivalent combination of education and experience
  • 8 - 12 years relevant business experience
  • Multi cultural and x-region experience desired
  • Information Security Professional with min of 5-7 years experience supporting Financial and Government clients. CISSP certification required
  • Must be capable and comfortable interacting (meetings, briefing and presentations) at the organization’s most senior executive level
  • Solid understanding of monitoring and intrusion detection HW/SW required. Specifically, Dragon, Arcsight, etc…; Actual technical experience a plus
  • Excellent attention to detail with results-oriented approach to all tasks
15

Senior Security Analyst Resume Examples & Samples

  • Design, integration and support of SIEM solutions (Splunk, Arcsight, RSA) for various customers
  • Perform as the subject matter expert on SIEM solutions for the customer, use the capabilities of the solution in the daily operational work and workflow of the end customer, implement and administer the SIEM solution at the customer site, advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements
  • Collaborate with security architectures, engineering and operations to ensure effective SOC monitoring is implemented for all environments
  • Publish weekly and monthly reports to the clients
  • Provide both strategic analysis and near real-time auditing, analyzing, investigating, reporting, remediation, coordinating
  • SIEM implementation experience
  • Experience in security role with a strong working knowledge and understanding of information security frameworks,
16

Senior Security Analyst Resume Examples & Samples

  • Additional responsibilities will include performing documentation review and improvement, attending meetings as needed, serve front line response for troubleshooting low-level engineering issues as needed
  • Assess security incidents quickly and effectively communicate a course of action to respond to the security incident while mitigating risk and limiting the operational and reputational impact to JPMorgan Chase & Co
  • Develop content (e.g., SIEM, IDS/IPS) across a variety of tools for the detection of adversaries
  • Consume actionable threat intelligence and make informed decisions on how to protect the bank
17

Senior Security Analyst Resume Examples & Samples

  • Perform security testing of applications, networks and infrastructures, including vulnerability assessments, penetration testing and manual testing techniques
  • Proficiency with application and network vulnerability analysis in areas such as secure coding practices, network design and operation, software development life cycle and cloud application security
  • Ability to produce, review and advise on secure architectures, hardening guides and directives for incident response and event management
  • Experience with Digital Forensics examination of endpoints, servers and mobile devices and post-incident review processes for the purposes of Malware Incident Response
  • The following certifications are an asset: GPEN, OPST, CEH, GIAC, CISSP, OSCP, GXPN, GREM
18

Senior Security Analyst Tiso Ssa Resume Examples & Samples

  • Create corrective action plans for non-compliant issues working with application development team
  • 5+ years of Information Security knowledge, IT Risks and Controls assessment
  • Good experience with Information security assessments with infrastructure (Server O.S., Databases, Network Firewalls, etc)
  • Knowledge of OWASP Guidelines for Application Security
  • Knowledge of software development processes, integration of security assessments in SDLC process, secure coding is desirable
  • Professional certifications, such as CISSP and CSSLP, or willingness to obtain certification within 12-18 months of start date
19

Senior Security Analyst Resume Examples & Samples

  • Perform active security event monitoring of the BMOFG Enterprise utilizing a variety of Security tools to ensure potential issues are identified, investigated, and escalated accordingly
  • Lead or assist in the handling of security incidents ensuring containment, eradication, and recovery while providing proper evidence collection and documentation through to closure
  • Collaborates with our Threat Intelligence group to conduct proactive searches or sweeps of the BMOFG Enterprise utilizing a variety of Security tools to identify IOCs, suspicious behaviour or activities warranting further investigation
  • Collaborates with our SIEM group to maintain, refine, or create new security use cases, correlation rules and alerting
  • Participate and contribute to team process improvement initiatives including maintenance of existing documentation, audit preparation, or the development of new processes and procedures in support of IPC core security services
  • Keep apace of relevant security technologies and emerging threats while participating and contributing to information and knowledge sharing within the BMOFG Enterprise
  • Create or contribute to security, technical or managerial reports related to IPC core security services, metrics and KPIs
  • Participate in a weekly on-call rotation (24/7) to provide & maintain coverage for all IPC core security services
  • Possesses a university degree/college diploma in Computer Science, IT related disciplines or equivalent work experience, and/or 5+ years of IT experience with at least 3 years of hands-on information security experience
  • Completion of security certifications (CISSP, GCIA, GCIH, GREM, CEH, CIH, CISA, CISM, etc.) is preferred
  • Demonstrates solid experience with technology and processes related to Anti-Virus, Intrusion Detection/Prevention, Proxy, Firewall, SIEM, and/or Vulnerability Assessments, and Incident Response
  • Displays a solid knowledge/understanding of TCP/IP networks, security and traffic analysis
  • Displays a solid knowledge/understanding of networking principles such as routing, protocols, network applications, etc
  • Displays a solid knowledge/understanding of desktop, server and mobile operating systems and security features/configurations
  • Demonstrates solid knowledge/understanding of the Incident Response life cycle, the Cyber Kill Chain, attack vectors, indicators of compromise, and common exploitation techniques
  • Maintains sound knowledge of business application processes, IT development processes and techniques (ITIL, etc)
  • Possesses solid communication skills, both verbal and written
  • Possesses solid analytical skills, including statistical analysis and trending techniques
  • Possesses solid facilitation, conflict and issues resolution and escalation skills
20

Senior Security Analyst Resume Examples & Samples

  • Assist in implementation of enhanced security tools and technologies including, but not limited to, Intrusion Detection & Prevention (IDS / IPS), Security Information and Event Management (SIEM), malware detection and analysis tools
  • Enhance processes/procedures for ongoing monitoring of security events and develop security measurements and reporting for senior management review
  • Manage IT Security daily operational tasks and programs including access control audits, configuration compliance, firewall reviews, vulnerability management and change control reviews
  • Collaborate with technology partners, support representatives and IT management to coordinate and address security investigations and escalations
  • Assist in the development, management and enforcement of IT Security Policies
  • Provide direct support to the business and IT staff for security-related issues
  • Assist in the evaluation and implementation of new security tools and technologies along with operational processes
  • In-depth knowledge of networking and security technologies such as IPSEC (Internet Security Protocol), VPN (Virtual Private Network), routers, switches, firewalls, intrusion detection and prevention, WAF (Web Application Firewall)
  • Detailed understanding of SIEM platforms, IDS/IPS systems and log management for policy enforcement and management
  • Experience conducting investigations and security analysis of incidents, breaches and malware attacks
  • Working knowledge of cryptography, PKI infrastructure and key management
  • Solid understanding of Windows and Unix Operating Systems
  • Knowledge of information security frameworks (NIST SP800, ISO27001, COBIT) and compliance requirements, such as PCI and SOX
  • Experience communicating conceptual and technical information to non-technical staff
  • 5+ years of experience in Information Security
  • At least 2 years of experience in information security managing or monitoring security event data on incident response technology such as Security Information & Event Management (SIEM), Intrusion Detection / Prevention Systems (IDS, IPS), Malware analysis systems or conducting forensic investigations
  • Bachelor’s Degree in Computer Science, Management Information Systems, Information Security, or similar preferred
  • Strong verbal and written communication skills with ability to adapt information delivery based on target audience
  • Demonstrated ability to facilitate coordination of processes and work collaboratively
  • Certifications preferred CISSP, GIAC certification, CEH or equivalent
21

Senior Security Analyst Resume Examples & Samples

  • Perform hands-on gap or risk assessments to identify significant information security risks (including applications, systems, data centers, infrastructure and vendor security risk assessments) to determine the organizational risk posture
  • Monitor and review IT Security controls to identify operational effectiveness
  • Engage in third party risk assessments
  • Work with GRC and InfoSec tools to collect and maintain security and risk information
  • Maintain broad knowledge of best practices and trends in the field of Information Security
  • Interface with technical teams, stakeholders and leadership teams to translate security risk mitigation plans into actionable items to mitigate risk
  • The final candidate will bring excellent analytical, evaluative, and problem-solving abilities
  • This person will have extensive knowledge of security technology and risk assessment methodologies, policies and processes
  • Must have the ability to work independently and multi-task effectively
  • This individual will have excellent written and oral communication skills, as well as interpersonal skills including the ability to articulate to both technical and non-technical audiences
  • The ideal candidate will be exceptionally self-motivated and directed
  • The ideal candidate will have 5 years of experience working within the technical arena with 3 plus years of information security work experience
  • Strong knowledge and experience with IP network designs and secure designed infrastructures including firewalls, routers, switches and access control
  • Experience with PCI and SOX programs as well as their technical and security compliance
  • Knowledge/Experience in LANS, WANs, Routers, firewalls, IDS systems
  • Ability to scan large networks using vulnerability scan tools and write risk mitigation plans according to the assessment
22

Senior Security Analyst Resume Examples & Samples

  • Perform as the subject matter expert on Incident management, use the capabilities of the SIEM solution in the daily operational work and workflow of the end customer, implement and administer the SIEM solution at the customer site, advise customers on best practices and use cases on how to use this solution to achieve customer end state requirements
  • Good knowledge in Security Operations
  • Participate in security and threat response investigations in complex cases involving log analysis, forensics, problem solving and a strong background in network, systems and attack taxonomy
  • Review cyber intelligence and threat data from internal and external sources to develop in-depth analysis and threat assessments for company networks
  • Analyze and evaluate network, system, and security events to determine whether an incident has occurred and take appropriate response actions
  • Summarize findings and recommended corrective measures
  • Strong command of verbal and written English
  • Demonstrate both technical acumen and critical thinking abilities
  • Strong interpersonal and presentation skills
  • Ability to lead the technical team
  • Knowledge in Unix and Windows Operating Systems
  • Advises leadership of the technical and business risks of identified exposures
  • Implement changes to procedures and systems to enhance data systems security
  • Develops, researches and maintains proficiency in tools, techniques, countermeasures and trends in computer and network vulnerabilities
  • Identify and determine causes of security incidents, and recommend corrective actions to ensure brand security
  • Experience in Splunk and various IDS/IPS devices (IBM Proventia, Fidelis XPS) is an added advantage
  • Manage the team and perform the duties of a ‘Shift Lead’ by overseeing the activities in a shift
23

Senior Security Analyst Resume Examples & Samples

  • Install and manage security infrastructure technologies such as Incident Response, Malware Analysis, Log/Event Monitoring and Correlation, Risk Assessment, Vulnerability Management, Application Security, Access Control, Identity Management, and Penetration Testing
  • Correlate forensic data around security events
  • Data classification and risk assessment
  • Articulating security best practices to other IT groups as well as end users
  • CISSP or CISA certification
  • Associate’s degree or higher required in computer science or Information Security
  • Five – seven years of Information Security experience
  • Knowledge of ISO Standards
  • Familiar with PCI, SOX and HIPAA regulations
  • Strong knowledge of network architecture
  • Strong organizational, interpersonal and written & oral communication skills
  • Strong customer service attitude and perspective
  • Keen sense of urgency, prioritization and accountability
  • Strong team spirit and dedication to meeting department objectives
24

Senior Security Analyst Resume Examples & Samples

  • Perform active security event monitoring of the BMOFG Enterprise utilizing a variety of Security tools to ensure potential issues are identified, investigated, and escalated accordingly
  • Lead or assist in the handling of security incidents ensuring containment, eradication, and recovery while providing proper evidence collection and documentation through to closure
  • Collaborates with our Threat Intelligence group to conduct proactive searches or sweeps of the BMOFG Enterprise utilizing a variety of Security tools to identify IOCs, suspicious behaviour or activities warranting further investigation
  • Collaborates with our SIEM group to maintain, refine, or create new security use cases, correlation rules and alerting
  • Participate and contribute to team process improvement initiatives including maintenance of existing documentation, audit preparation, or the development of new processes and procedures in support of IPC core security services
  • Create or contribute to security, technical or managerial reports related to IPC core security services, metrics and KPIs
  • Possesses a university degree/college diploma in Computer Science, IT related disciplines or equivalent work experience, and/or 5+ years of IT experience with at least 3 years of hands-on information security experience
  • Demonstrates solid knowledge/understanding of the Incident Response life cycle, the Cyber Kill Chain, attack vectors, indicators of compromise, and common exploitation techniques
  • Maintains sound knowledge of business application processes, IT development processes and techniques (ITIL, etc.)
25

Senior Security Analyst Resume Examples & Samples

  • Provides guidance to day-to-day security application and infrastructure support to ensure security processes meet BMO standards
  • Creates, documents, and critiques security operational procedures in order to comply with security policy and operational framework
  • Provides lead support in Bank of Montreal Firewall Rule support processes to meet security standards and procedures
  • Provides process guidance to Security Operations Analyst as required to ensure security compliance and operational governance
  • Participates or leads in Change Management, Problem Management, Configuration Management, and Inventory Management activities based on the ITIL framework to meet organizational goals
  • Assists in the planning process for security services for service optimization
  • Participates or leads in Disaster Recovery planning and Business Continuity planning exercises to ensure regulatory and corporate compliance
  • Provides lead support in Bank of Montreal logical Key Management processes to meet regulatory and corporate compliance requirements
  • Executes security assessments and processes in order to protect bank information assets
  • Provides lead support in security analysis and MIS for the purpose of operational management
  • Participates or leads in testing, evaluation, upgrade and implementation of new and existing security applications to combat emerging threats and vulnerabilities
  • Participates or leads projects as required to support security strategy
  • Participates in technical research and solutions testing with various project teams to provide security requirements and design support
  • Provides security leadership and communicates security issues and recommendations
  • Possesses a university degree/college diploma in Science or equivalent work experience, and/or 5+ years industry experience (development, infrastructure, application, operations security)
  • Completion of security certifications is considered an asset
  • Demonstrates solid knowledge of the standard operating platforms, system administration, network administration, development process and security process
  • Displays solid technical currency in PKI, Access/Identity Management, secure authentication, change management and incident management
  • Illustrates applied problem diagnosis and resolution techniques in the IT environment
  • Exhibits solid knowledge of IT development processes and techniques
  • Possesses solid written and verbal communication skills
  • Illustrates applied analysis skills
  • Exhibits solid leadership skills
  • Is self-motivated and team-oriented
26

Senior Security Analyst Resume Examples & Samples

  • Plans and coordinates the team's day-to-day operation ensuring processing is complete and accurate and internal controls are functioning
  • Builds a high performance work environment within and across teams by establishing and maintaining effective managerial practices. Increases the effectiveness and performance of allocated resources by identifying and closing skilled knowledge gaps
  • Schedules team activities to ensure adequate coverage for client support
  • Identifies, analyzes and resolves problems encountered by the Team
  • Ensures the team is in support of the Department’s Service Level in the fulfillment of CyberArk customer requests through delivery of secured, trusted and professional services. Requests include but may not be limited to safe creation and account enrollment, AD group creation and policy creation
  • Provides, evaluates and validates strategic/action work plans for improvement in organizational capability, productivity and efficiency, while reducing infrastructure diversity and complexity
  • Assists the Team to improve on security operational methods and workflows by identifying, recommending and implementing process improvement initiatives
  • Verifies all security processes of the CyberArk Services Group on CyberArk management and access management, conforming to the applicable industry and Bank’s security regulations, policies and standards
  • Ensures client’s concerns and questions on security operations of CyberArk access, I are adequately addressed with the provision of security standards, regulations and policies where applicable. Establishes effective relationships with clients and staff by providing advice and counsel, and ensuring activities are executed as per established procedures
  • Develops, reviews and updates documentation and reports to ensure accuracy, completeness and compliancy to applicable standards and/or regulations
  • Participates in audit, key initiatives and represents the team in projects requiring access or security arrangements
  • Maintains continuity of critical process events by developing and participating in contingency exercises and off-hours support as needed
  • Develops and produces quantifiable performance measurement metrics related to team result and progress
  • Provides training and consultancy to internal customers in area of security operations requirement as required
  • Attends to Human Resource issues and escalates to the Manager where applicable
  • Provides on-call emergency support (for user access to CyberArk or application issues within CyberArk)
  • Possesses a university degree/college diploma in the field of Computer or Information technology or equivalent work experience, and/or 5 to 7 years of working experience in a customer oriented IT environment, exhibiting solid problem diagnosis and resolution techniques
  • Possesses 3+ years of working experience in a leadership role
  • Demonstrates solid knowledge of the evolving information security system and application environment, network concepts & protocols, and information security concepts/framework
  • Displays sound knowledge of security processes, requirements and industry standards in relation to one of the following: - Access and authentication controls in relation to add, change, delete of user id’s; or – CyberArk management
  • Possesses 3+ years applied knowledge in one of the following: - ; - User id and access management with knowledge of CyberArk management including safe and policy creation, Active Directory management and Privileged ID management
  • Exhibits solid computer skills including MS Office Excel, Word and Access
  • Demonstrates solid problem identification skills and the ability to handle problems at times of a complex nature
  • Is analytical with solid organizational skills
  • Is self-motivated, a team player and able to work with initiative and independently under pressure
  • Displays a solid commitment to continuous learning in a dynamic environment
27

Senior Security Analyst, Access Services Resume Examples & Samples

  • Assist in the preparation of management reports and performance monitoring reports for GI&TRM (Global Information & Technology Risk Management)
  • Develop business management processes and tools
  • Prepare reports for volumes and analysis on monthly basis for senior management
  • Manage projects of various complexities as assigned
  • Act as Team Lead to assist Section Manager with various activities
  • Set up accounts, and train new hires
  • Provide expertise to team on various trouble shooting issues
  • Possesses a university degree/college diploma and/or 3-5 years progressive business analysis experience, supporting smaller to medium size projects
  • Some understanding of policy, cross-organizational roles and governance structure/processes within the Bank
  • Solid understanding and use of Microsoft Office (e.g. Word, Excel, PowerPoint, etc.)
  • Extensive knowledge with RSA Authentication Manager, ITIM, Remedy, Omniview, etc
  • Extensive knowledge with tokens hard and soft; being able to provide guidance to team for trouble shooting
  • Strong report writing skills for executive audience
  • Knowledge of Information Security and Risk is an asset, but not required
  • Ability to learn quickly, to work independently and to juggle multiple tasks
  • High tolerance for ambiguity and for frequently changing priorities
  • Very well organized
  • Strong facilitation and presentation skills
28

Senior Security Analyst Resume Examples & Samples

  • Maintains strong working relationships with peer groups and business clients
  • Support SIEM, Vulnerability Management, Compliance Monitoring, Symantec SEPM, Symantec DLP, E-mail Security Appliances, Web Security Appliances and new tools that are built in future
  • Pro-actively identifies potential security issues and leads Security staff toward resolution
  • Provide production support of Windows/Unix Servers, SQL Servers, Web Servers, Application support, Network appliances
29

Senior Security Analyst Resume Examples & Samples

  • Review solution architecture to ensure that necessary security controls are included in the system design
  • Participate in the SDLC process to ensure security controls are properly documented and implemented
  • Translate security policies into low-level guidance for implementation teams
  • Enhance audit logging and reporting capabilities to ensure that monitoring and retention requirements are met
  • Review a variety of security assessments and manage remediation within required timeframes
  • Manage security exceptions documenting risk, compensating controls and remediation plans
  • Assist in gathering documentation required for audits and client security reviews
  • Assist in the review of the security capabilities of vendors and subcontractors
  • Assist in review and responses to security questions for new sales opportunities
  • Be alert to any potential security or privacy risks in our environment
  • 7-9 years of related work experience
  • Bachelor's degree in technical or business discipline
  • CISP or other industry recognized certification
  • Knowledge of SDLC, SIEM, DLP, Vulnerability Analysis and Enterprise Architecture
  • Experience with HIPAA/HITECH, PCI DSS, ISO 127001/2 and NIST SP 800-53
  • Extensive knowledge of security best practices associated to the management of PII / PHI
  • Ability to analyze complex systems and identify potential data privacy and security risks
  • Ability to understand the impact of technology changes on our security architecture
  • Maintains up-to-date knowledge of security technology and best practices
  • Understanding of privacy and security policy regulatory trends
  • Must be self-managed and goal driven. If you meet the requirements of this position and want to work for a world-class company with a great marketplace reputation, apply today
30

Senior Security Analyst Resume Examples & Samples

  • Monitor log aggregation toolsets in real time for security events
  • Respond to customer related queries received via phone, email and via ticketing systems in a timely and accurate manner
  • Provide security toolset tuning and optimisation recommendations based on metrics, your security understanding and industry trends
  • Provide advisory services to the business to identify and manage risks to an acceptable level
  • Familiarity working with network switches, routers, and firewalls
  • Ability to handle high pressure situations in a productive and professional way
31

Senior Security Analyst Resume Examples & Samples

  • Proactively analyze threats that create a risk to the Bank, its employees, shareholders, assets, business operations and clients. Identify and report on events, trends, and evolving and future threats while supporting development of operational, tactical and strategic recommendations to counter those threats
  • Collect open source information from public sources and analyze the information to identify risks to BMO assets, employees, and clients
  • Ensure analysis is developed and delivered in order to answer specific business needs through engagement with other LOBS at all levels and differing functional areas
  • Create and deliver succinct narrative reports and presentations, incorporating where appropriate visual tools to deliver analytical assessments
  • Tailor reporting to the client and stakeholder level of understanding or expertise and matching products and assessments accordingly to ensure analysis and conclusions are being conveyed and properly understood
  • Change Management - generate new ideas, concepts, and models to improve methods of obtaining, validating and disseminating information and intelligence
  • Identify and anticipate the problems and product/solution needs of our clients
  • Develop effective relationships between the program and LOBs and other relevant analytical, government, law enforcement or regulatory agencies
  • Minimum of five (5) years of experience in Information Security
  • Minimum of three (2) years’ experience as an intelligence analyst or relevant experience is preferred
  • Previous experience with financial services companies is preferred
  • Proven track record of open and non-open source intelligence gathering
  • Demonstrated ability to analyse, evaluate and interpret complex sets of information and data with a strong understanding and application of analytical techniques, including predictive analysis
  • Experience in collecting information from open sources, commercial databases, internal databases and fusing this information together through analysis and critical thinking
  • Experience with various link analysis and intelligence software applications
  • Advanced expertise in Microsoft Office products – Publisher, Word, Excel, Access, Outlook, PowerPoint, & SharePoint
32

Senior Security Analyst Resume Examples & Samples

  • Reports IS gaps to IT as applicable with appropriate recommendations
  • Create corrective action plans for non-compliant issues working with application development team
  • Establish and maintain relationships with domain architects, project managers, and others within the technology development unit
  • 5-10 years of Information Security Knowledge of Information Security, IT Risks and Controls assessment
  • Good understanding of the Information control areas including Authentication, Authorization, Access Control, auditing, cryptography for applications
  • Knowledge of OWASP Guidelines for Application
33

Senior Security Analyst Resume Examples & Samples

  • Provide first line operation, monitoring, management and support of the NAC Service infrastructure in the Bank. Responsible for ensuring the detected rogue system/device are tracked and remediated
  • Execute troubleshooting and investigation of supported systems and processes
  • Provide support and implementation of changes for systems related to NAC Service infrastructure
  • Respond to inquiries related to NAC Service
  • Create and document technical and operational procedures as related to NAC Service
  • Responsible for monitoring and responding to alerts and alarms generated from the NAC Service infrastructure when detecting a rogue/unknown device connecting to the network
  • Responsible for leading the investigation and triage for the remediation of rogue or unknown devices/connections in cooperation with local LAN administrators, Data Center Management, and the Bank Information Security Incident Protection Center support teams
  • Responsible for maintaining the currency of the Network Access Control (NAC) Service infrastructure components' hardware and software, which includes the testing of software patches, new releases, new features and/or functions
  • Responsible for NAC infrastructure components’ health performance and capacity monitoring (i.e. appliances CPU, appliances network throughput, etc.)
  • Responsible for continuous monitoring the reliability of the endpoint profiling policies and calibrating the certainty level for more accurate determination of unknown devices
  • Identify the network devices (i.e. switches, routers and firewalls) and systems infrastructure change requirements to support the implementation of NAC infrastructure and service operations (i.e. network devices, Active Directory, DNS, DHCP and/or endpoints changes requirements)
  • Maintain the NAC Service infrastructure support documentation
  • Produce and/or review regular network related security and compliance reports (e.g. ITNcM reports, Syslog reports and/or VA scan reports from IPC, etc.) as they relate to network infrastructure components
  • Require On-Call support beyond normal business hours to troubleshoot and manage the remediation of detected hostile devices from the network
  • Possesses a university degree/college diploma in Computer Science or equivalent work experience, and/or 5+ years of strong experience in IT environment with experience in major IT infrastructure projects
  • Experience and knowledge with LAN, WAN, Wireless LAN, Voice over IP design and implementation
  • Solid knowledge of Cisco, Nortel/Avaya network devices configurations
  • Advanced technical knowledge of BMOFG Enterprise Network technologies is an asset
  • Exhibit solid understanding of TCP/IP networking protocols and operating systems such as UNIX, Linux, Windows security and access control principles
  • Technical knowledge of Firewalls, DHCP, DNS, Active Directory, Microsoft operating systems
  • Possess strong knowledge of Postgresql, LDAP databases and strong Linux skills
  • Working knowledge of web programming using HTML, Java, PHP, Perl, etc.
  • Solid understanding of network programming using different network protocols (e.g. SNMP)
  • Demonstrates advanced knowledge of the Technology & Operations (T&O) standard operating platforms
  • Working knowledge of network management tools such as ITNM, ITNcM, IPAM (i.e. IP Address and DNS Service management)
  • Knowledge of T&O organization and processes is an asset
  • Knowledge of Bank’s policies, procedures and methodologies is an asset
  • Demonstrates good understanding of BMO’s Problem and Change Process, more specifically in network operations support and escalation process
  • Working knowledge of NAC technology will be an asset
  • In depth knowledge of Information Security risk and industry best practices
  • Solid written and verbal communications skills and ability to work collaboratively
  • In depth knowledge and experience in other areas of computing technologies to develop automation, scripting, reporting, and raw data compilation
  • Strong problem analysis and troubleshooting skills
  • Ability to prioritize and manage time effectively
  • Displays high ethical standards and integrity
  • Facilitation, negotiation, and conflict management skills
34

Senior Security Analyst Resume Examples & Samples

  • Demonstrate excellent customer service to help the business teams meet their control objectives
  • Present information security requirements to stakeholders in the support and development of compliance programs across Nordstrom businesses
  • Integrates working knowledge in regulatory disciplines to create innovative compliance solutions
  • Participates in solving challenging technical issues
  • Resolves complex problems while collaborating with others
  • Resolves specific issues within a particular area, application, technology or system
  • Manages prioritization of business needs
  • Ability to influence stakeholder expectations
35

Senior Security Analyst Resume Examples & Samples

  • Participate in monitoring, alerting, and responding as a member of the DSG CSOC
  • Handle and analyze malware and assist with forensic investigations
  • Work closely with the applicable IT Teams to reduce DSG’s threat footprint and to respond to incidents, e.g. Firewall, Network, Email, Server, etc
  • Manage & create IDS/IPS rules
  • 7-10 Years of progressive IT experience in Incident Response, IPS/IDS or A/V Management, Network or Firewall Management, Server Administration, Endpoint Management, Active Directory Administration, SSL Certification Management
36

Senior Security Analyst Resume Examples & Samples

  • Monitor compliance with information security policies and practices and any applicable laws. Manage internal and external security assessments and risk analysis. Lead the assessment of compliance with security regulations such as PCI, GLBA, FFIEC, etc
  • Research, develop, continuously improve and implement security policies, procedures, standards and processes based on compliance requirements and industry best practices. Work closely with business partners and technology teams to understand security needs. Research and recommend tools and practices for implementation
  • Work with the extended information security team and technology partners to implement appropriate technologies or processes that ensure the security and confidentiality of the firm's information assets. Assist with the evaluation of potential products, procedures and/or vendor partners to ensure they meet the business need
  • Provide timely and effective operational support for the firm's information security tools, processes and practices. Use standard technology monitoring tools to monitor assigned environments and/or technical assets and identify/detect behavior outside of established standards
  • Facilitate and coordinate metrics and measures from multiple sources to create timely and accurate reporting of the information security program, metrics and risks to the organization
  • Broad work experience that spans multiple information security functions - policy development, education, risk analysis and compliance testing
  • Expert understanding of security controls, monitoring systems and regulatory/business drivers that impact security policies and practices
  • Deep knowledge of technology risk assessment/SOX IT General Controls, SOC2 requirements and other related regulatory requirements
37

IS Senior Security Analyst Resume Examples & Samples

  • Strong Information Security (IS) and Third Party Information Risk background is a REQUIREMENT for this position
  • 3-5 years of experience in data, system and application integration
  • 3-5 years of experience documenting business requirements and writing comprehensive requirements for the development team
  • Excellent written, verbal communication skills and strong organizational skills
  • Ethical, accountable, and customer focused
38

Senior Security Analyst Resume Examples & Samples

  • Gather and analyze metrics and maintain scorecards for the Information Security Program to ensure the program is performing effectively and efficiently
  • Lead the development of KPIs (Key Performance Indicators) for the department, working with the Information Security Officer, Strategy Labs, Building Security In and Programs teams
  • Lead the development of the framework for metrics to implement with the strategic programs and projects to demonstrate achievement goals based on success criteria
  • Implement the scorecard for the organization that informs the security strategy for the organization
  • Create and present dashboards and decks to the Management for enterprise and by line of business
  • Create measures based on operating directives and technical security standards for the organization
  • Identify and implement the gathering of KRIs (Key Risk Indicators) for the information security program, based on industry standard frameworks, like ISO 2700x and NIST 800-53
  • Work with the 1st and 2nd line of defense to ensure alignment of metrics and scorecards
  • Report on risks and trends, and communicate effectively to teams within the organization
  • Communicate risks and metrics to application and infrastructure teams
  • Track and manage exceptions from policies and standards. Ensure accountability for issue resolution
  • Work with the teams to document, identify compensating controls and corrective action plans accordingly
  • Current Certified Information Systems Security Professional CISSP certification (Strongly preferred)
  • Current Certified Information Systems Auditor CISA certification
  • Experience with SharePoint administration, including workflow and process design
39

Senior Security Analyst Resume Examples & Samples

  • Ability to forensically analyse IT systems
  • Information risk assessment
  • Professional security qualifications e.g. CISSP-ISSAP
  • Complex IT systems analysis (application & infrastructure) - transaction flows and failure modes
  • Non-functional requirements gathering and analysis
  • ITIL v3 process documentation
  • CMMI process maturity development
  • Information risk assessment, standards development and risk mitigation delivery
  • Technical document writing
  • A candidate with current experience working in Banking
40

Senior Security Analyst Resume Examples & Samples

  • Manages activities to embed defined security strategy and roadmap initiatives in support of Global and Business strategies, and within Transamerica risk tolerances
  • Completes research, development and implementation of moderate to complex information security initiatives; including review of policy, program, process, procedural and technology improvements and solutions to ensure they are current and meet business needs
  • Organizes and maintains certain procedural tasks found within control self-assessments and security exception/waiver processes, such as reviewing, analyzing and challenging critical assets, associated ratings and security exception/waivers with asset owner; recommending and supervising business department completion of action plans
  • Organizes and maintains certain procedural tasks found within third party assessments, such as working with third party to obtain due-diligence artifacts, reviewing and analyzing due-diligence artifacts, reviewing and challenging results, recommending and discussing outcomes with key stakeholders
  • Gathers data, analyzes and reviews reports, including department, project, key indicators and dashboards. Assists with requirements and coordinates improvement plans
  • Possesses and applies broad knowledge of concepts and principles; exhibits technical expertise in a specific area; seen as a thought leader
  • Works with minimal instruction or guidance for moderately difficult assignments with diverse scope and complexity; able to creatively and pragmatically solve complex problems with initiative and decisiveness
  • Other duties as assigned based on department and organizational needs
  • Conforms with and abides by all regulations, policies, work procedures, instruction and all safety rules
41

Senior Security Analyst Resume Examples & Samples

  • Experience gathering and reviewing business requirements and working with development teams to provide Information security requirements advice and counsel, ensuring alignment to IS processes and solutions – must have
  • Experience with Threat modelling
  • In depth knowledge of application security and software assurance (white box testing) – must have
  • Working knowledge of web application vulnerability assessment tools such as AppScan and WebInspect
  • Working knowledge of development languages (e.g. J2EE, C#, .NET, Ajax), secure coding practices, and static code analysis tools such as Fortify
  • Strong Relationship Management skills
42

Senior Security Analyst Resume Examples & Samples

  • Complete penetration tests on MasterCard developed applications (including web services & mobile apps) within the deadlines given
  • Responsible for ensuring proper methodology and documentation is followed
  • Responsible to identify process improvements in the App Scan and Penetration Testing team
  • Assist the App Scan team with reviewing false positive requests
  • Engage with development teams to ensure that vulnerabilities from the penetration test are completed within the timeframes documented in the MasterCard Information Security standards
  • Complete documentation of penetration test reports per the methodology defined
  • Participate in new cutting-edge technologies to continue enhancing the services provided by this team
43

Senior Security Analyst Resume Examples & Samples

  • Provide first level technical resolution for security incidents and SOC service requests
  • Log and record all identified/reported security incidents and service requests into DFIR ticketing system, and appropriately classify/prioritize based on DFIR SOP
  • Identify gaps and recommend improvements to enterprise technology environment across all platforms, with a goal to enhance the overall security posture of the customer
  • Possess and maintain adequate level of technical and analytical skills, to handle security incidents and threats that have the potential to introduce risk to sensitive/confidential data
  • Resolve or escalate security incidents and service requests in line with established service level targets
  • Assume ownership of, and provide monitoring, tracking and communication of, security incidents and requests
  • Maintain end-to-end responsibility for all relevant DFIR services in line with established service levels
  • Provide timely, reliable and courteous service to all customers
  • Work hand-in-hand with the SOC to identify, remediate and bring closure to all potential security related threats
  • Complete threat intelligence write-ups for highly visible/industry-specific threats, and assess the level of exposure specific to customer
  • Internal development of DFIR policies and procedures
  • Take appropriate steps to demonstrate effective level of controls are in place to protect sensitive/confidential information within the customer environment (and to ensure compliance with PCI-DSS)
  • Bachelor’s Degree in Information Technology, Information Security/Assurance, Engineering or related field of study; or at least four years of related experience and/or training; or equivalent combination of education and experience preferred
  • Associate’s Degree or equivalent from two-year College or technical school in Information Technology, Information Security/Assurance, Engineering or related field of study; at least 2 years of related experience and/or training; or equivalent combination of education and experience required
  • Minimum 5 years of general IT experience required
  • Minimum 3 years working as a Security Incident Response professional required
  • Minimum 3 years of experience with a variety of operating systems including Windows, Linux or UNIX in a functional capacity preferred
  • Experience using open source tools such as Remnux, Kali, etc
  • Experience deobfuscating potentially malicious content
  • Experience utilizing the Cyber Kill Chain
  • Experience using Encase and eDiscovery methodology
  • Experience in gathering and managing threat intelligence
  • Experience doing behavioral and static malware analysis
  • Experience working with interpreting, tuning, searching and manipulating data within enterprise logging/SIEM/NIDS solutions
  • Security and/or Networking familiarity or understanding preferred in any of the following
  • Basic routing principles and networking fundamentals
44

Senior Security Analyst Resume Examples & Samples

  • Knowledge of emerging trends in IT, and how they relate to IT security, i.e. cloud computing, mobile computing, virtualization, PCI and SOC compliance
  • Implement and monitor security information event management (SIEM), file-integrity monitoring (FIM), data loss prevention (DLP), intrusion detection/prevention (IDS/IPS), firewall and anti-virus/malware solutions to collect and analyze intelligence regarding threats and vulnerabilities
  • Initiate proper incident response to intelligence gathered around threats and vulnerabilities
  • CISSP or CAP certified
  • Advanced knowledge of information security principles and practices: security risk assessment standards, risk assessment methodologies, and vulnerability assessment
  • Experience implementing policies, procedures and practices to meet PCI requirements
  • This position is under strategic review *
45

Senior Security Analyst Resume Examples & Samples

  • Contribute to daily operational update meetings for SOC staff and unscheduled situational update briefings for leaders as necessary
  • Reference applicable departmental and operating administration policies in work products
  • Assist law enforcement and counter intelligence offices with cyber investigations
  • Provide forensic and network analysis
  • Provide content for shared situational awareness mechanisms i.e., websites, blogs, and Wikipedia style mechanisms
  • Maintain relationships with Intelligence Agencies, Law Enforcement (LE), and US Government organizations
46

Senior Security Analyst Resume Examples & Samples

  • Must have extensive experience performing security incident response and security event monitoring
  • Experience in the IT or Security engineering field being exposed to Microsoft and Linux Technologies
  • Eight to Twelve (8-12) years’ experience in one or more of the following areas
  • Bachelor’s Degree in computer science or similar technical area or equivalent
  • Familiarity with security and threat assessment methodology, vulnerability methodology, OWASP, CVE
  • Understanding of ISO 27001/27002, PCI, FedRAMP or any other Information Security standard
  • Experience with security architecture
  • CISSP/CEH or equivalent Certifications, etc
47

Senior Security Analyst Resume Examples & Samples

  • Provide excellent client orientated services to internal and external entities of New Balance
  • Security incident detection, response, remediation
  • Coordinating Risk Based security assessments and working with teams to identify and remediate issues
  • Cyber threat and vulnerability analysis and remediation
  • Responding to security, compliance, and evidence requests from our Legal, HR, or other departments
  • Recommend enhancements to New Balance’s security applications
  • Develop reports, alerts, and data sources to enable identification of malicious and suspect activity
  • Research and simulate in the lab, new technologies including upgrades of existing solutions
  • Maintain knowledge of security technologies, products, and services
  • Prepare proposals, budgets, and costs justifications for new technology implementations
  • Visit vendors, trade shows, and seminars to further acquire knowledge in security and all various other relevant technologies
  • Perform other duties as assigned by the Lead Information Security
  • BS in Computer Science, Information Technology, Information Security or similar field or equivalent
  • 6+ years experience in information security, network security, or positions with security responsibilities such as Incident Response, malware analysis, etc
  • Experience participating in corporate Risk Management Programs
  • Highly motivated with ability to drive results
  • Self-starter with high energy to meet the needs of a demanding business and IT environment
  • CSIRT or CERT participation
  • Knowledge of ITIL and change management processes
  • CISSP Certifications or training
  • GIAC certifications or training
  • Hands on experience with multiple platforms in a corporate environment including Windows, Linux, OSX, Cisco, and other platforms
48

Senior Security Analyst Resume Examples & Samples

  • Researches attempted efforts to compromise security protocol and recommends solutions
  • Develops large and/or highly complex solutions that require analysis and research
  • Coaches and mentors more junior technical staff
  • Bachelor’s degree in computer science or information technology plus 5 years or the equivalent combination of education, training, and work experience is required. CISSP, GSEC, CCNE, or other security or network certification strongly desired
  • Experience establishing and maintaining effective working relationships with business and infrastructure contacts across the organization globally
  • Five (5) or more years of demonstrated experience in Information Security Operation
  • Experience in senior technical role with minimum direct daily supervision and serving as mentor to junior staff when required
  • Direct experience and proficiency with 4 or more specific technologies and tools to include application control, intrusion prevention systems, web application firewalls, proxy/web filtering, anti-virus, data leakage protection and Security Incident and Event Management (SIEM)
  • Excellent in verbal and written communication skills to technical and non-technical audiences of various levels in the organization
49

Senior Security Analyst Resume Examples & Samples

  • Work and collaborate with software developers, infrastructure teams, and product owners
  • Efficiently manages multiple simultaneous tasks, providing consistent record of all activities, while handling confidential work with discretion
  • Evaluate vulnerabilities and related threats they pose to the organization in order to assess and recommend appropriate mitigation plans
  • Prioritize, develop, and provide oversight of required mitigation action plans across identified vulnerabilities
  • Assist with the education and training of process/control owners so they better understand the controls framework and their responsibilities
  • Stay abreast of the latest vulnerabilities and exploits
  • Identify and remediate security bugs across Ceridian’s web and mobile platforms
  • Coordinate periodic internal and external penetration tests
  • Confirm and prioritize the remediation of discovered security bugs
  • Drive developers’ security training plans to promote good security practices and design security frameworks
  • Educate Software Engineers on coding best practices (i.e. OWASP Top 10) and the latest attack vectors
  • Manage secure configurations baselines and monitor compliance to reduce vulnerability threat profile
  • Bachelor's degree in Computer Science or Engineering or equivalent work experience
  • Solid understanding of common web application technologies, languages, and SaaS architectures
  • C#, HTML, CSS, JavaScript, XML, Microsoft .Net Framework, Microsoft Windows Communication Foundation (WCF), Microsoft ASP .Net MVC or other MVC web frameworks
  • Knowledgeable with SQL and an understanding of relational database systems
  • Prior experience with vulnerability management, penetration testing, and related tools: NMAP, Nessus, Qualys, BackTrack, or Metasploit
  • Integration of static and/or dynamic code analysis tools into SDLC
  • Familiar with Windows environments
  • CISSP certification (or working toward certification) highly desired
  • Prior experience and knowledge of JavaScript frameworks such as Dojo, Angular, Knockout, Backbone, jQuery is highly desired
  • Threat modeling and attack vector analysis
  • Prior experience working in a startup or SaaS product company
  • Prior software development experience
  • Familiar with Redhat Linux a plus
50

Senior Security Analyst Resume Examples & Samples

  • Accept escalations from Monitoring and provide initial investigation of security incidents
  • Application of contextual data (criticality, device grouping, existing vulnerabilities)
  • Provide communication and escalation throughout the incident per the Security Incident Management guidelines
  • Communicates directly with data asset owners and business response plan owners during high severity incidents
  • Provides feedback to Threat Monitoring team
  • Perform analysis of log files for security incidents
  • Takes an active part in the containment of incidents, even after they are escalated
51

Senior Security Analyst Resume Examples & Samples

  • Maintain defensible documentation of analysis results
  • Generate reports for anomalous behavior that has been analyzed
  • Come up with new and innovative ways to detect anomalous network or host behavior
  • Minimum five (5) years of experience
  • Ability to communicate effectively with both technical and non-technical end users
  • Experience with Packet Capture technologies
  • Experience with packet analysis
  • Understands networking concepts and the OSI model
  • Experience with analyzing end user systems for indications of compromise
  • Experience with IDS/IPS and HIPS
  • Experience with Windows administration and system hardening techniques
  • Experience with *nix administration and system hardening techniques
  • Experience with NextGen Firewalls
  • Experience analyzing network security logs
52

Senior Security Analyst Resume Examples & Samples

  • Monitor and respond to security events escalated by Level 1 & 2 security analysts and respond appropriately to protect Xcel Energy information and assets
  • Bachelor's degree (preferably with a concentration in Computer Science, Technology, Information Security, Information Systems or Engineering) or the equivalent combination of education, training and professional experience
  • 5+ years of experience working in Security or a related discipline
  • Strong background in SIEM, ePO, and/or incident response
53

Senior Security Analyst, Risk Management Resume Examples & Samples

  • Analyzes external market dynamics and other data sources to assess trends and develop actionable insights and recommendations for management. Assists in coordinating the security risk within the context of the security risk model
  • Coordinates the security risk program efforts including risk modeling, comprehensive periodic risk assessments, and regulatory reporting standards and expectations
  • Develops communications and presentations appropriate for senior level audiences and external regulators
54

Senior Security Analyst Resume Examples & Samples

  • Experience in conducting Security Incident Response
  • Advanced knowledge of industry security standards and security threats
  • Detailed knowledge of the following: Malware, Security Information Event Management systems, Coding, Splunk, Elasticsearch, RedLine
  • Creative thinking and passion
55

Senior Security Analyst Resume Examples & Samples

  • Develops a holistic view of the organization, with a comprehensive understanding of processes, procedures, tools, and technologies through development of key stakeholder partnerships
  • Collaborates with key leadership to develop and execute Security Governance Strategy by defining, developing and facilitating risk-based Governance processes
  • Defines, builds, implements and evaluates Security Services Process Model
  • Compiles, reviews, and analyzes security information to formulate recommendations and reports for management review and decision making
  • Facilitates and champions a continuous improvement program for security procedures
  • Leads governance processes for key Security Services. Monitors and adjusts security services protocols to mitigate risk. Drives requirements around the development, tracking, and reporting of organizational metrics
56

Senior Security Analyst Resume Examples & Samples

  • Managing, owning and coordinating technical resolution of faults
  • Managing client expectations and escalating critical situations to appropriate levels of management
  • Liaise with vendors, as required, to achieve problem resolution
  • Meeting agreed SLAs by leading a team of professional services employees in the provision of high level security support to our customers
  • 8+ years of network security experience working with enterprise clients
  • Proven experience and expertise within all areas of network security technologies, vendor products and security governance
  • REQUIRED: Strong background in Cisco (Firewall, IPS, IPSEC VPN, SSL VPN), Palo Alto (UTM), Check Point, Bluecoat (Proxy/Reverse Proxy)
57

Senior Security Analyst Resume Examples & Samples

  • Design and development of project initiative and enterprise-wide security solutions to meet current and emerging threats
  • Perform risk and gap assessments against technology environments and systems
  • Collaborate with business areas and IT to ensure proper security is considered throughout the organization
  • Provide analysis of security features and relate existing system to future needs and trends
  • Proven Experience integrating Security into the SDLC required
  • Extensive experience in technical planning, design, architecture development, and integration of cyber security systems
  • Familiarity in matrix and geographically diverse organizations preferred
  • Proficient in key areas of security such as: Vulnerability Management, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Data Loss Prevention (DLP), Encryption, Two-Factor Authentication, Web-filtering, and Advanced Threat Protection
  • Experience with NIST standards such as the CSF and 800-171
58

Senior Security Analyst Resume Examples & Samples

  • Utilize a variety of network, host and application security technologies to detect and analyze anomalies in the environment
  • Apply defined response procedures to consistently treat and document cyber and information security incidents
  • Work closely with distributed IT personnel to notify and drive corrective actions for discovered threats or vulnerabilities
  • Maintain knowledge of cyber threats and expertise in identifying attack types and behaviors
  • Act as subject matter expert for cyber security technology features and capabilities utilized by Tribune Media
  • Drive security & control automation through configuration to improve security posture and audit efficiency
  • Ensure system configurations provide compliance with data privacy rules & management controls
  • Participate in or lead projects related to incremental improvements in Tribune Media’s cyber security architecture
  • Maintain effective methods to provide configuration evidence, including change auditing and approval capabilities
  • Work closely with the VP Information Security to ensure governance and security requirements are met
  • Be flexible enough to assist with both Security and Compliance issues that may arise
  • Bachelor's degree, or an equivalent combination of education, training and experience from which comparable skills can be acquired
  • Must be collaborative and truly engaged in ongoing self-education and a culture of learning
  • 5+ years of practical experience within the technology & security environment
  • Security or technology industry certifications or training (e.g., ISC2, ISACA, SANS, CompTIA, Microsoft or similar)
  • Workday (SaaS-based Human Capital Management and Financial Management platform) security administration or other experience with IAM solutions desired
  • Solid experience in project support
  • Technical background, with understanding of concepts of compliance, confidentiality, integrity and availability, user authentication and authorization and segregation of duties
  • Demonstrated ability to understand policies and regulatory requirements, specifically SOX
  • Cyber Security analysis experience required
59

Senior Security Analyst Resume Examples & Samples

  • Provides expert level analysis and support for the Security Operations organization
  • Develops use cases and supports the continuous improvement of the organization's monitoring and detection capabilities
  • Manages multiple investigation requests through the entire lifecycle of initiation, data collection, analysis, and data production
  • Participates on Incident Response teams as a forensics and incident response subject matter expert
  • Produces reports on incidents, risks, exploits and vulnerabilities
  • Performs malicious code analysis and reverse engineering
  • Works with customers, vendors and NASA centers for problem resolution
  • Standardizes processes and procedures towards continual improvement
  • BS degree in relevant field/technology (or equivalent years of experience)
  • Minimum of 5 years of related experience with a minimum of two years of Information Security experience
  • Understanding of "attacker" methodologies and tactics, including kill-chain analysis
  • Experience analyzing phishing attacks
  • Significant experience in network intrusion detection
  • Expert knowledge of cyber security methodologies and security practices
  • Experience producing reports and briefs on the current threat landscape and associated risks
  • Experience monitoring third party security related websites, forums and social media sites for information regarding vulnerabilities and exploits
  • Familiarity with data privacy laws and the associated security requirements
  • Familiarity with Splunk, ArcSight, QRadar, Sourcefire, Snort
  • Experience developing proof of concept and/or exploit tools
  • Programming skills: Java, Perl, Python
  • CISSP, CEH, GPEN, OSCP or similar security certifications
60

Senior Security Analyst Resume Examples & Samples

  • Performs issue and problem resolution and general security operations support
  • Identifies areas of security risk to the organization, and assists with efforts with company personnel to mitigate those risks to an acceptable level
  • Participates and leads security-related investigations and incident response activities and provides system forensics and investigative services
  • Provide periodic “on-call” support of security operations during non-business hours
  • Keen attention given to task prioritization, independent work execution and expert leadership and task completion
  • Identifies areas of security risk to the organization, and leads efforts with company personnel and other security analysts to mitigate those risks to an acceptable level
  • Review, recommend and assist in implementing proper security diagnostic and access tools to enable the analysis, reporting and escalation of security events
  • Measure and report system security posture through the ongoing development and refinement of security metrics
  • Scan systems for known vulnerabilities and initiate and monitor requests to address relevant vulnerabilities
  • Act as primary contact and execution for vulnerability testing of networks, systems and applications as requested
  • Act as primary contact and execution for incident response teams used to act quickly and accurately during emergency situations
  • Develop and participate in the development of CliftonLarsonAllen Information Security policies, technical procedures and standards for CliftonLarsonAllen which promote privacy, security and fraud awareness
  • Participate in the development, and delivery of an information security awareness program
  • Approaches all problems, projects, and incidents with a high level of professionalism, objectivity and an open mind to new ideas and solutions
  • Analyzes and identifies areas where automation can be used in the deployment of new technology to support effective resource management
  • Maintain knowledge of vendor products, services and security technologies and recommend/implement their use
  • Operating Systems: Windows Server 2008/2012, Active Directory 2008/2012, Linux, Windows 7-10
  • Network Technologies: Cisco LAN/WAN, VPN, DNS
  • Infrastructure Applications: Citrix, MS Exchange, Symantec Anti-Virus, System Center Configuration Manager, Nessus, SIEM tools, password management tools
  • Software: MS Office Suite, popular browsers, Security related software analysis and protection, Other Business Applications (Accounting, practice management, CRM, etc.)
  • Hardware: Cisco UCS or compatible Server, Desktop and Laptop PC's
61

Senior Security Analyst Resume Examples & Samples

  • Recommends and tracks the application of fixes, security patches and security updates at an Agency level
  • Familiar with Data Privacy laws and the associated security requirements
  • Familiarity with Splunk, Maltego, Qradar, ArcSight, Snort, Wireshark
  • Experience with reverse engineering and forensics
  • Experience using common sandbox technologies to perform dynamic malware analysis
  • Programming skills a bonus: Python, Java, Perl
62

Senior Security Analyst Resume Examples & Samples

  • Identify, prioritize and respond to security threats
  • Will operate in a close team of computer/digital forensic, fraud, and other IT investigative experts
  • Conduct root cause analysis to identify gaps and recommendations ultimately remediating risks to the firm
  • Maintain an inventory of the procedures used by the CDRC and regularly evaluate the CDRC procedures and add,
  • Recognizes successful intrusions and compromises through review and analysis of relevant event detail information
  • Undergraduate/Postgraduate Degree in Computer Science or Engineering or related domain (MCA/MTech/BTech/BCA/BSc CS or BSc IT)
  • Fair Understanding of Linux, TCP/IP, Network Security, encryption standards etc
  • Aware of log monitoring
  • Idea about various penetration testing and application testing methodology and tools is a definite plus
  • Knowledge in application development (Microsoft technologies)
  • Soft Skills - Excellent communication skills; written and verbal
  • Good Attitude
  • Good Presentation skills
  • Ability to work in a team, with little supervision and using own initiative
  • 5+ years’ experience in one or more of the following
  • Security Information & Event management (SIEM) tools
  • Incident Handling and Incident Response
  • Vulnerability assessment
  • Deep Understanding of the following: Firewalls, Intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, VoIP, DMZ
  • Knowledge in Linux & scripting Languages (Shell Script, VBScript, Python, etc.) is a definite plus
  • Experience with Splunk Enterprise Security is a plus
  • Will provide mentoring, support, and direction for other members of the team, as required
63

Senior Security Analyst Resume Examples & Samples

  • Working closely with the Senior Security Analyst to ensure adherence to company protocol and standards
  • Assisting with the audit activity of information systems and access controls
  • Maintaining security procedures in line with company protocol and standards
  • Work closely with internal and external Audit and subject matter experts
  • Supports the investigations of security breaches in accordance with established procedures
  • Assists in championing security risk and vulnerability assessments on behalf of the Agiliti Team
64

Senior Security Analyst Resume Examples & Samples

  • Contributes to maintaining the confidentiality, integrity, and availability of the data residing on or transmitted to/from/through enterprise workstations, servers, and other systems and in databases and other data repositories by following and enforcing IT security standards, policies and procedures
  • 8+ years’ experience in one or more of the following
  • Experience in enterprise security architecture design and document creation
  • Helps team and colleagues understand the bigger picture of technical, ethical and financial needs
  • Requires minimal supervision from management and frequently works on projects with only periodic updates to supervisor
  • May seek guidance on increasingly complex projects
65

Senior Security Analyst Resume Examples & Samples

  • Bachelor's Degree in Computer Engineering or in a STEM major (Science, Technology, Engineering, or Math) and/or a minimum of 4 years of equivalent experience
  • 4 years of operational IT experience
  • 2+ years’ experience with Network Security Monitoring, SIEM and/or other log aggregation and correlation tools
  • 1+ years’ experience with host-centric detection & response skills, as well as process automation
  • Deep capabilities in offensive / defensive technologies and agile risk assessment will be critical to success
  • Experience with Python and object oriented software development practices in Python
  • Detailed understanding of APT, Cyber Crime and other associated cyber threat tactics
  • CISSP, OSCP or related SANS certifications preferred
  • Experience with malware and reverse engineering
  • Experience with host-centric detection and response skills
  • Experience with Software Defined Networking (SDN) principles using Contrail
66

Senior Security Analyst Resume Examples & Samples

  • Monitor and analyze network and security event data from a variety of sources to identify internal security events based on internal and common intelligence sources
  • Stay abreast of the threat landscape through open sources and observed activity
  • Development and documentation of SOC Analyst activities and workflows
  • Bachelor’s degree in Computer Science. Vendor certifications in the security field are a plus
  • 6-10 years of Security Analysis experience working in global, complex environment
  • Perform analysis of security logs in an attempt to detect unauthorized/malicious activity
  • Understand cyber-attack methods such as SQL Injection and Cross Site Scripting (XSS) attacks
  • Ability to convert understanding of cyber-attack methodologies into innovative 0-day detection capabilities
  • Will establish strong working relationship with security vendors and internal peers to continually improve detection capabilities
  • Use vulnerability assessment data to pinpoint potential points of attack
  • Possess a comprehensive understanding of a variety of network protocols including TCP/IP, UDP, DHCP, FTP, SFTP, ATM, SNMP, SMTP, SSH, SSL, VPN, RDP, HTTP and HTTPS
  • Hands-on experience with IDS/IPS, SIEM, and web filtering solutions, specifically analyzing, crafting and tuning detection techniques
  • Hands-on experience with APT/DPI technology such as FireEye
  • Knowledge of digital forensic and static malware analysis
  • Understand and execute incident response process when a security incident has been declared
  • Strong understanding of vulnerability assessment and management
  • Strong understanding of basic cyber-intelligence techniques
  • Research external trusted intelligence sources and leverage knowledge to detect events of interest
  • Strong analytical problem solving skills, methodical approach to data analysis and a keen ability to identify threat activity, strong incident investigation and analysis skills
  • Document and contain security incidents detected on the network
  • Strong technical writing, documentation, and communication skills necessary to create and present findings to C-level management
  • Must possess the following soft-skills
67

Senior Security Analyst Resume Examples & Samples

  • Act as an escalation point, and use your extensive experience to provide expertise, support and advice to other Security Analysts
  • Ensure the quality and timeliness of the security incident detection and classification service
  • Manage and track customer issues and requests
  • Routinely review security incidents and other customer deliverables for adherence to the established procedures and guidelines. Document, rectify and provide feedback to Analysts as necessary
  • Validate new detection signatures released by vendors and tune/classify these signatures appropriately
  • Research new threats and ensure appropriate detection capabilities are in place to identify and respond to these threats
  • Articulating security issues to customers, both verbally and in writing
  • Extracting and analyzing log data
  • Support other teams (service management) regarding service methodology
  • Business level of English
68

Senior Security Analyst Resume Examples & Samples

  • Active real-time security monitoring
  • Advanced security event detection and threat analysis for complex and/or escalated security events
  • 4+ years of experience in a network threat incident response and investigation position
  • Must be able to work one weekend a month
  • Proactive in following up on customer issues
  • May also perform QA functions to ensure quality ticketing practices across the team
  • Perl, Python scripting
  • Hands-on experience with SIEM platforms, such as Security Analytics, Splunk, or ArcSight, Firewalls, Intrusion Detection/Prevention Systems, Proxies, Web Applications, and/or Penetration Testing
69

Senior Security Analyst Resume Examples & Samples

  • Assist customer security services to include administration and analysis of community databases and security training programs
  • Manage oversight of security incident reporting program and ensure compliance with security protocols
  • Conduct research and provide technical assessments on national security policy implementation and assist with change control process development
  • Collaborate in the development and implementation of policy directives, briefing materials, and procedures and support the preparation, production, and coordination of written products
  • Must have an active/current TS/SCI with Polygraph
  • Minimum Bachelor of Science in a related field
  • 10+ years of related experience to include extensive knowledge and understanding of security processes and methodology
  • Ability to analyze potential vulnerabilities and conduct independent research as well as work in a team environment to develop effective solutions
  • Prior counterintelligence analytical experience desired
  • Masters or military senior service college desired
70

Senior Security Analyst Resume Examples & Samples

  • Research malicious threats, C&C communications, compromised clients and domains, in order to identify common malicious patterns
  • Acquire, analyze and integrate external data sources and tools into Akamai’s cloud security intelligence platform
  • Experience with malware reverse engineering — highly desired
  • Experience with big data systems and Hadoop in particular — will be appreciated
71

Senior Security Analyst Resume Examples & Samples

  • Hands on experience with McAfee ePO, ESM, and Palo Alto Firewalls
  • Analyze reports to understand threat campaign techniques and lateral movements and extract indicators of compromise (IOCs)
  • Must be able to analyze SIEM logs and correlate logs with expected system behavior
  • Investigate, collaborate and report on root-cause-analysis of malware attacks
  • Prepare reports that document security breach attempts
  • Ability to analyze and determine the applicability of data, to draw conclusions and make appropriate recommendations
  • Ability to communicate effectively in oral and written expression
  • Ensuring endpoints and networks are free of breaches by proactively analyzing the logs from critical devices
  • Review, collaborate and recommend infrastructure security changes to reduce risks
  • Collaborate and recommend security enhancements to management or senior IT staff
  • Research the latest information technology (IT) security trends and report breaches alerted by vendors
  • Ensures authorized access by investigating improper access and reporting violations
  • Develop security vulnerability patterns and reports and publish them periodically
  • Support compliance requirements and related efforts as needed
  • Required SIEM: McAfee ESM and ePO
  • Experience in analyzing logs of PAN and Cisco routers, switches, VPN, Palo Alto Firewall, FireEye, McAfee
  • Preferred client security management: Tanium, Splunk, Tenable, Nessus, Qualys, QRadar
  • Preferred: Additional IT experience as a programmer, system administrator or network engineer, proficient in Windows environments, Linux and Mac a plus
  • Knowledge of the principles and best practices of information security
  • Experience in datacenter, remote site and cloud architectures
  • Information security certifications are a plus
72

Senior Security Analyst Resume Examples & Samples

  • Execute information security assessments on high-impact technology projects
  • Perform security risk assessments that employ the enterprise risk assessment approach and include all stakeholders
  • Ability to categorize, select, implement, assess, authorize, and monitor security controls driven by NIST Security Framework to increase the overall security posture of the organization
  • Assist in the continuous progression of Security Integration into the SDLC
  • Provide training and guidance as needed to stakeholders around the security integration process of the SDLC
  • Participate in defining additional processes to improve the flow of information across multiple areas of the Information Security Program
  • Strong background in conducting security risk assessments
  • Familiarity with NIST and FFIEC Security Framework
  • Ability to communicate effectively with peers and senior leadership
  • Skilled at identifying controls, compensating controls, and control gaps
73

Senior Security Analyst Resume Examples & Samples

  • Provides performance metrics as necessary
  • Provides customer service that exceeds our customers’ expectations
  • Advanced knowledge and understanding of network protocols and devices
  • Provide incident investigation, handling, and response to include incident documentation
  • Ability to work a flexible work schedule, including weekends
  • Understanding and/or experience with one or more of the following programming languages: .NET, PHP, Perl, Python, Java, Ruby, C, C++
  • SIEM
  • Network Access Control
  • Experience with SIEM (i.e. ArcSight, QRadar), Sourcefire, FireEye, Snort or an equivalent tool required
74

Senior Security Analyst Resume Examples & Samples

  • Architect, develop, deploy, and support information security systems and solutions
  • Examples: Vulnerability Scanning, Data Loss Prevention
  • Proactively assesses potential risks and vulnerabilities, and drive remediation efforts
  • Examples: Project Risk Assessments, Threat Identification
  • Respond to information security incidents, including investigations/forensics and lead cross-functional teams as necessary
  • Track and report on IT security issues as part of overall risk and project management
  • Collaborate with IT Teams globally
  • Manage vendors relative to information security systems and services
  • Fully proficient (1), some knowledge and ability to develop greater competency (2), preferred but not required (3)
  • BS or MS degree in Computer Science or related IT degree or relevant experience (1)
  • Minimum of 6 years of experience in IT security, including intrusion detection and prevention, vulnerability scanning, reporting, incident response and forensic, malware analysis, security awareness (1)
  • Experience with PCI DSS Framework (2)
  • Appropriate technical and/or security certifications preferred, (e.g. CISSP, CISM, CEH, Security+) (2)
  • Excellent communication skills – verbal and written. (1)
  • Ability to multi-task and prioritize work effectively. (1)
  • Ability to interact with business and technical personnel at all levels (1)
  • Highly motivated self-starter with ability to work independently or with a team. (1)
  • Strong sense of ownership and driven to manage tasks to completion while providing guidance and insight. (1)
  • Good project management skills (1)
  • Overall knowledge of the Retail industry (2)
75

Senior Security Analyst Resume Examples & Samples

  • Assist with performing Information Security Risk and Maturity self-assessments and identify findings/remediation items that increase the organization's maturity posture from a Security perspective
  • Assist with the proactive management of remediation items across the infrastructure technology landscape to ensure timely resolution and completeness of remediation activity
  • Work collaboratively with Security Champions and Issue Owners providing support while moving issues through the various stages of Issue Management process
  • Produce and assist in the continuous evolution of metric reporting pertaining to Information Security
  • Provide training and guidance as needed to stakeholders around issue management processes
  • Participate in defining additional processes to improve the flow of information across multiple areas of the Information Security program
  • Participate in the requirements definition and potential implementation of a firm-wide Governance, Risk & Compliance (GRC) tool
  • Modify and enhance current SharePoint repository
  • Produce dashboards, metrics and presentation material as needed
  • Strong background in IT Risk Management
  • Familiarity with NIST and FFIEC Security frameworks a must
  • Experience with SharePoint and making minor modifications to SharePoint sites
  • Ability to prepare meeting materials and PowerPoint presentations and to present in group forums
  • Detail oriented with strong analytical skills
  • Skilled at identifying controls, compensating controls and control gaps
  • Process oriented with the ability to define and facilitate process definition
76

Senior Security Analyst Resume Examples & Samples

  • 9 years of professional experience and a bachelor's degree
  • Demonstrated understanding of Assessment and Authorization processes
  • (D) Degree in IT Management, CIS, or other engineering field
77

Senior Security Analyst Resume Examples & Samples

  • Web Application Firewall and Application Security
  • Ensures compliance with organizational security standards, procedures, and guidelines
  • Assess and modify procedures to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access, modification or destruction
  • Coordinate and execute IT security projects
  • Conduct security audits and manage remediation plans
  • Assess and/or design centralized user and configuration management systems
  • Perform and/or coordinate regular security assessments of existing or new infrastructure
  • Work with information systems custodians (i.e., department managers, user community and systems administrators) at different levels in the organization to understand their respective security needs and assist with implementing practices and procedures consistent with GPC’s Information Security Policy
  • Provide immediate onsite support for security incidents
  • Work with and support lead incident response handlers
  • Bachelor Degree in Computer Science, Engineering
  • Minimum of 10 years of information systems security or related auditing experience
  • Preferred certifications: CISSP, CEH
  • Ability to clearly communicate Information Security matters to executives, auditors, end users, and engineers, using appropriate language, examples, and tone
  • Strong analytical, technical, and problem solving skills
  • Ability to work effectively, independent of assistance or supervision
  • Innovative, creative, and extremely responsive, with a strong sense of urgency
  • Willing to share knowledge and assist others in understanding technical and business topics
  • Willingness to work outside of regular business hours as required which can include evenings, weekends and holidays
  • Working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
  • Demonstrated experience of “hands on” security knowledge of one or more of the following platforms: Windows/Unix/Linux
  • Experience with DNS, NTP and Citrix, TACACS, IDS, IPS and various SIEMS
  • Working knowledge of protocols and technologies such as TCP, UDP, SSL, FTP, SMTP, NetBIOS and DHCP
  • Working knowledge of HTML, CSS, JavaScript and WML
  • Strong networking knowledge with a focus on security and digital forensics
  • Knowledge about TCP/IP networks and architecture
  • At least one technical certification related to a major platform (IBM, Microsoft or Cisco)
  • Ability to interpret information security data and processes to identify potential compliance issues
  • Ability to quickly understand security systems in order to identify and validate security requirements
  • Experience with performing vulnerability scans and assessments as well as computer forensics
  • Familiarity with SOA governance and policy management best practices
  • Information Security best practices and common processes
  • Knowledge of Windows and UNIX/Linux vulnerabilities and exploits
  • A solid understanding of various firewalls, with actual experience in design, installation, configuration, and operation
  • Knowledge of network protocols, data flows, and vulnerabilities within a TCP/IP environment
  • Ability to perform network protocol analysis and raw data capture
  • A solid understanding and knowledge of LDAP
  • Knowledge of OWASP, ISO 27001/2, PCI-DSS
  • Self-motivated, self-directed and shows attention to detail while working
  • Works ethically and with integrity supporting organizational goals and values
  • Displays commitment to excellence
  • Completes work in a timely manner and meets deadlines
  • Contributes to building a positive team spirit and treats others with respect
  • Maintains confidentiality of information and uses information appropriately
  • Exhibits sound judgment when making decisions and recommendations
  • Fosters collaboration toward a common vision and shared goals
78

Senior Security Analyst / GRC Resume Examples & Samples

  • Bachelor’s Degree in a related field plus two to three years of progressive experience in Information Risk or enterprise GRC administration, and direct and recent working experience with at least two of the following compliance programs: ISO 27001/2, PCI, SSAE16, SOC2, HIPAA, 21 CFR Part 11, NIST, or regulatory framework (e.g. FFIEC)
  • Relevant professional certification such as CISSP, CISA, CISM, CRISC, CIPP, GIAC, PMP, ITIL Foundation v3 or 2011 Certification
  • Excellent report writing skills, ability to prepare compliance reports and associated metrics
  • Excellent verbal and written communication skills, with the ability to communicate technical information to both technical and non-technical audiences
79

Senior Security Analyst Resume Examples & Samples

  • Experience developing, defining, and assessing security policies and standards that align with SOC 2 and HITRUST. The SOC 2 report focuses on a business's non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system
  • Experience performing research, identifying, and ranking the risk of critical assets containing PHI and PII data
  • Developing and maintaining documentation for security systems, procedures and security diagrams
  • In-depth knowledge of information risk concepts and principles and impact
  • Ability to manage tasks independently and take ownership of responsibilities
  • Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel
80

Senior Security Analyst Resume Examples & Samples

  • Plan and manage the implementation of organization-wide processes and procedures, tools and techniques for the logging and monitoring of enterprise devices
  • Protect and defend information and information systems by ensuring availability, integrity, authentication, confidentiality and non-repudiation
  • Provide consulting for restoration of information systems by ensuring that protection, detection and reaction capabilities are incorporated
  • Ensure that appropriate action is taken to investigate and resolve incidents and problems in systems and services
  • Ensure that such incidents and problems are fully documented within the relevant reporting systems
  • Coordinate the implementation of agreed remedies and preventative measures
  • Maintain an in-depth knowledge of specific technical specialisms and provide expert advice regarding their application
  • Advise and contribute to the creation and publication of logging strategies for managing risk to the continuing effective operation of the business
  • Plan and manage the implementation of organization-wide processes and procedures, tools and techniques, within a specific information risk area, for the identification, assessment, and management of risk inherent in the operation of business processes and of potential risks arising from planned IT-enabled change
  • Identify and categorize strategic and operational risks
  • Advise on compliance logging and reporting
  • Advise on appropriate action, including contingency planning, and countermeasures
  • Information Assurance
  • Recommend appropriate and practical performance measures and track compliance
  • Participate in security control reviews, business risk assessments, and reviews that follow significant breaches of security controls or IT service disruptions
  • Contribute to the development and promotion of the technical specialism
  • Recommend quality standards and policies relating to the technical specialism
  • Maintain knowledge of the technical specialism at the detailed and comprehensive level
  • Keep in close touch with and contribute to current developments in the technical specialism
  • Bachelor's Degree Computer Science, Information Systems, or related field
  • Technical certifications desired: CISSP, SANS GSEC, CIPP, FBCP
  • Extensive experience in Information Technology and significant experience in logging and monitoring specialism
  • SIEM/Analytic (Splunk, ELK) platform experience preferred
  • Ability to absorb complex technical information and communicate effectively to both technical and non-technical audiences
  • Assess and evaluate risk and to understand the implications of new technologies
  • Ability to describe and clearly articulate the business impact
  • Broad understanding of information technology and deep understanding of area(s) of specialization. Takes initiative to keep own skills up to date and to maintain awareness of developments in the information systems industry
  • Expertise in the technical specialism, the technology involved, current developments, the most commonly available products, and the application of the specialism within a technical or business environment
  • Overall knowledge of specific areas of information systems practice and applications
  • Working understanding of the management processes within the IT function or department and practical knowledge of the principles of information management
  • Understands information systems logging best practices, and acknowledges the need to maintain a practical and pragmatic approach to standards compliance
  • Communicates well, both orally and in writing
  • Good working knowledge of the client organization's policies, management structure and business objectives, and of the existing Information Systems portfolio and IT infrastructure
  • Information Security Domain
  • Broad knowledge of at least 7 out of the following 10 security domains
  • Deep technical expertise in at least one of the domain areas: Access Control Systems and Methodology, Telecommunications and Network Security, Business Continuity Planning and Disaster Recovery Planning, Security Management Practices, Security Architecture and Models, Law, Investigation, and Ethics, Application and Systems Development Security, Cryptography, Computer Operations Security, and Physical Security
  • 1 or more of the following industry certifications required: CISSP, GSEC, CISA, GCIH, GCFA or other related certification
  • Knowledge and awareness of relevant industry standards and governmental regulations
  • Basic knowledge of HIPAA, GLBA, APEC principles, OECD guidelines, EU Directive and Safe Harbor, employee records management, workplace monitoring, incident handling, PII, Web forms and cookie files, Spyware, and Spam
81

Senior Security Analyst Resume Examples & Samples

  • Execute the duties of the Security Analyst as required
  • Monitor level 1 analyst performance by investigating incoming events using SOC-available tools
  • Ensure level 1 event(s) are addressed in a timely manner using available reporting and metrics
  • Approve and, if necessary, further investigate level 1-escalated events
  • Manage processes and procedures, playbooks and metrics to ensure team participation and continuously evaluate effectiveness of the plan’s execution
  • Assist with the analysis of processes and procedures, playbooks and operational metrics to develop insight into the effectiveness and efficiency of Security Operations
  • Mentor level 1 analysts to improve detection capability within the SOC
  • Manage SOC event and information intake to include gathering intelligence reports, monitoring ticket queues, investigating reported incidents, and interacting with other security and network groups as necessary
  • Function as shift subject-matter experts (SMEs) on incident detection and analysis techniques, providing guidance to junior analysts and making recommendations to organizational managers
  • Drive and monitor shift-related metrics processes ensuring applicable reporting is gathered and disseminated per SOC requirements
  • Maintain SOC shift logs with relevant activity from analyst shift
  • Document investigation results, ensuring relevant details are passed to the tier 3 for final event analysis
  • Minimum Required
  • Degree in Computer Science or Information technology or equivalent work experience
82

Senior Security Analyst Resume Examples & Samples

  • Key contributor in the development of an enterprise Governance, Risk and Compliance (GRC) tool
  • Supports development of new standards and controls as dictated by the needs of the organization. Ensures consistency of control implementation across the enterprise, identifying opportunities for efficiency or improvement
  • Supports the entire Enterprise Security Services management team in the area of governance and process analysis and improvement
  • Partners across the Enterprise Security Services organization and key business areas to facilitate alignment with security governance practices and compliance with corporate policies and standards, and control frameworks
  • Work will include relationship building with senior business leaders to facilitate a governance process that allows for risk based decision making
  • Responsible for an organizational continuous improvement program, including the development of processes and procedures to drive consistency and quality across the organization
83

Senior Security Analyst Resume Examples & Samples

  • 3+ years of hands-on incident response or security related experience
  • Understand sound investigative techniques for suspected and confirmed incidents
  • Able to gather all relevant incident information (e.g., affected systems, asset information, vulnerability information, system configurations, logs, console reviews, memory dumps, forensic analysis, etc.) in accordance with incident management and response processes
  • Able to analyze incident information to understand the scope of the incident
  • Has responded to current security incident types, such as DDOS attacks, anomalous activity, malware infections, APT activity, unauthorized access, data extraction, etc
  • Has assisted with task automation and process improvements
  • Must have displayed leadership and team-centric skills and have strong solution orientation
  • Proven track record of Developing New Processes
  • Strong Documentation Skills
  • Has experience leading and facilitating meetings (in-person or virtual)
  • Ability to analyze forensic and log data to identify root cause and/or indicators of compromise
  • Solid knowledge of Network Protocols, Packet Captures, Security Controls, Scripting, SIEM, standard ticketing systems, Open Source Tools, Web Application Firewalls, PKI, vulnerability scanning
84

Senior Security Analyst Resume Examples & Samples

  • US Citizenship and current Top Secret clearance with SCI eligibility is required
  • Candidate must have a working knowledge of the NISPOM, DCIDs, and ICDs
  • Develop, submit for approval and implement security policy for the company in accordance with government policies and regulations
  • Provides Industrial Security guidance to Human Resources Department, Recruiting, Senior Management and advises Corporate Vice President as required
  • Conducts security clearance pre-screening interviews
  • Candidate must possess excellent speaking, writing, organizational, and customer service skills
  • Candidate must be skilled in managing complex situations, a demonstrated ability to plan, organize, work, and meet deadlines
  • Candidate must be able to prioritize tasks and handle multiple assignments concurrently
  • Candidate must have experience with classified computer systems and have working knowledge of NISPOM and ICD requirements
  • Candidate should have proficiency in the use of Microsoft Word, Excel and PowerPoint
  • Candidate must have attended the DSS Basic Facility Officers Course and FSO Program Management Course or equivalent
  • Conduct onsite assessments and inquiries into security and computer related incidents and investigations in assigned facility
  • Information Systems Security Training is a plus
  • Prefer Associate Degree or higher
85

Senior Security Analyst Resume Examples & Samples

  • The DLP Senior Technical Analyst
  • Knowledge of Data classification, Data Loss Protection, Cloud Access Security Broker (CASB), Data at End Point, Data at Rest and Data in Motion, Anti Virus, Personal and Perimeter Firewalls, Data Access and Auditing, IDS, Next Generation threat protection solutions, IOS, SharePoint, Office Communicator Server (OCS) highly desired
  • Experience with data analysis and analytics
  • Experience with process development, process skills such as Lean / SixSigma
  • Development experience in Java and C/C++
  • Working knowledge of Python, Perl, or Ruby
  • Experience with QA/testing required (usability testing, performance testing, automated testing, test scripts, test cases and test plans)
  • Experience with Cloud services, such as Azure, Office 365, SAAS applications
  • Ability to coach and transfer knowledge to key stakeholders required
  • Highly detail-oriented individual with exceptional organization skills, including ability to work independently or as part of multiple teams
  • Strong analytical and innovative problem solving skills with the proven ability to exercise flexibility and judgment in assessing business issues and risks in a dynamic environment

Senior Security Analyst Resume Examples & Samples

  • To succeed at this job, you must have a familiarity with various aspects and components of information security such as encryption methods/standards, real-time intruder detection, perimeter security, event correlation, authentication services, vulnerability analysis, and incident handling and forensics
  • It would be preferred if you have knowledge of IT security and certifications in CISSP, CISA, CGEIT, CRISC, GIAC and CISM
  • You must be fluent in English
  • We would like someone to join our team who is experienced in educating and promoting good security practices throughout an enterprise organization. Knowledge of common attack methodologies; common types of security vulnerabilities. Experience in securing system, network technologies, secure coding practices and SDLC
  • You must have a Bachelor’s degree in Technology or a related field, equivalent experience is required
  • We are looking for someone with 10+ years of relevant technology or information security experience with demonstrated growth path. 3-5 years of Information Security experience, across multiple security domains. 1-2 years of experience implementing, maintaining, or auditing security standards such as NIST 800-53, ISO 2700x, SOC 2, SOX, HIPAA, PCI-DSS or Common Criteria

Senior Security Analyst Resume Examples & Samples

  • A university degree in computer science or a degree in business with a minor in computer science, or at least 10 years of appropriate professional security experience
  • Knowledge of technology architecture practice and principles – including an understanding of the relationship between the Technology, Application and Information Architecture domains
  • CISSP, CISM or GIAC certification preferred
  • A minimum of 5 years broad experience across all IT Security Domains
  • Managing Information Security related projects across large and complex organizations
  • Demonstrated success working autonomously and without detailed direction
  • Experience implementing security controls over multiple security domains in line with the ISO 27001
  • Experience in implementing IT controls around a number of regulatory/legislative objectives
  • Familiarity with IT Security COTS tools
  • Proven record of effective communication with Management, Internal Auditors and External Auditors
  • Experience in writing Information Security related documentation
  • Ability to work independently and manage multiple priorities
  • Excellent written and oral communication skills. Be able to write professional reports and presentations
  • Exceptional interpersonal skills including effective communication, teamwork, facilitation and negotiation

Senior Security Analyst Resume Examples & Samples

  • Determine true threats, false positives and network system misconfigurations, and provide solutions to detected issues in a timely manner
  • Develop, update and maintain standard operating procedures and other technical documentation
  • Train and mentor mid level and junior analysts
  • Bachelor’s degree in Computer and Information Systems, Engineering, Science, or Mathematics
  • EO3 - 4+ years concentration security operations and analysis
  • E04 - 6+ years concentration security operations and analysis
  • Security Operations Center (SOC)/Network Operations Center (NOC)
  • Knowledge of and practical experience of integration of COTS or open source tools
  • Working knowledge of network protocols and common services
  • Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
  • Ability to assess information of network threats such as scans, computer viruses or complex attacks
  • Working knowledge of WAN/LAN concepts and technologies
  • SIEM content Analysis, Development and Testing
  • Familiarity with packet analysis to include
  • SMTP Traffic & Status codes
  • At least 1 of the following certifications CISSP, PMP, CCNP or related advanced IT certification

Senior Security Analyst Resume Examples & Samples

  • 3+ years experience working in security
  • Relevant work experience in security and incident investigation
  • Script Junky mastery in one of the following: Python, Perl, Ruby, Bash
  • Written code to complete security tasks
  • Self-motivated and results-oriented
  • Programming experience in Python, C/C++, Java, or Go
  • Experience with malware analysis
  • Experience with threat hunting and threat modeling
  • Data analytics experience
  • Worked with large scale cloud infrastructures

Senior Security Analyst Resume Examples & Samples

  • Perform security incident and threat analysis
  • Incident management through complex troubleshooting of security devices/solutions
  • Design, document, and implement change requests in SIEM or other security devices
  • Training of peers, briefing customers, and other Verizon organizations outside operations
  • Stay abreast of cyber security issues by research of industry trends, viewing watch lists, and by other means to keep our MSS updated
  • They must have excellent customer services skills, proven technical expertise in Information and Network Security, and well-rounded understanding and command of the fundamentals of network routing, TCP/IP and Network Security

Senior Security Analyst Resume Examples & Samples

  • Minimum three (3) years of prior hands-on experience with Splunk or equivalent SIEM
  • Experience configuring and using Splunk and ELK to identify security events
  • Conceptual knowledge on different areas of computer security (network, application, cryptography, forensics, incident response, etc.)
  • Basic understanding of computer networks (VLAN, IP addressing, security zones of trust, etc.)
  • Understanding of common security attacks (DNS cache poisoning, ARP spoofing, DDoS, XSS, CSRF, SQL Injection, etc.)
  • Knowledge of *nix operating system and commands
  • Basic programming and scripting skills (includes ability to write regular expressions) (python, perl, bash, Ruby or any other programming language)
  • Undergraduate degree required; B.S./B.A. Computer Science, Computer Engineering preferred
  • Professional security certifications are a plus
  • Excited to learn, work, grow, and advance your career

GIS Senior Security Analyst Resume Examples & Samples

  • Assist with incident management response and analysis services on behalf of the Information Security function as a primary member of the computer security incident response team (CSIRT), including Tier 1 through 3 level analysis for the full scope and lifecycle of incident response (i.e. identification through closure including post-mortem and lessons learned) following industry established best practices in addition to being in accordance with Company-specific policies and standards
  • Assist with post mortem analyses of information security breaches, violations and incidents to identify root cause and lessons learned
  • Provide in-depth technical input for investigations of information security incidents including internal/external fraud, hacking attempts, and system outages
  • Monitor host and network detection systems, assist with operations, maintenance and configuration oversight
  • Analyze previously unknown malware utilizing static and dynamic methods to determine its behavior and impact on endpoints as well as build a list of indicators of compromise
  • Proactively improve the holistic Enterprise security posture by contributing rules, indicators of compromise (IOCs), and such artifacts where possible as the result of continuous monitoring and incident response actions
  • Review audit trails for unauthorized access attempts or other information security violations
  • Scan systems using custom and commercial security tools to identify potential vulnerabilities
  • Provide technical assistance with the initial set-up and secure deployment of systems which support information security including anti-malware systems, virus detection systems and firewall content filtering systems
  • Assist with the selection and adoption of automated tools which enforce or monitor compliance with information security policies, standards and requirements
  • Assist in the development of new approaches that will allow greater standardization and more effective management of information security metrics
  • Assist in the development and maintenance of documentation relevant to GIS (e.g., standard operating procedures (SOPs), formalized workflows, Operations-specific programs (i.e. Threat Intelligence) by leveraging the output of incident response analysis and experience
  • Some international travel required
  • Scripting skills with languages such as Python and PowerShell a plus
  • Ability to interface effectively and decisively with all levels of management, departments and outside vendors

Senior Security Analyst Resume Examples & Samples

  • 5 years+ Threat & Vulnerability Management experience within an Enterprise environment
  • Experience with adhering to regulatory requirements (PCI, PCI, SOX, SAE16)
  • Experience with Pen Testing and/or managing 3rd party Pen Testers
  • 10+ years in Information Technology
  • 5+ years in Information Security within a systems environment

Senior Security Analyst / Policy & Awareness Resume Examples & Samples

  • Bachelor’s Degree in a related field plus two to three years of progressive experience in Information Risk, policy management, or awareness and communications within a regulated industry
  • Proven ability to work successfully with others and collaborate with cross functional areas to identify needs, provide guidance, and communicate solutions
  • Relevant professional certification such as CPLP, CPT, CPTM, CTDP, CISA, CISM, CRISC, PMP, or similar credentials are preferred
  • Excellent writing and presentation skills, and the ability to prepare awareness communications and support collateral. (Be prepared to show examples.)
  • Must have computer proficiency and able to utilize MS Office software (e.g., MS Word, MS PowerPoint, MS Excel) at an advanced level
  • The ability to communicate technical information to both technical and non-technical colleagues

Senior Security Analyst / Lead Resume Examples & Samples

  • Technical knowledge for securing assets in Windows and Linux operating systems, Cisco IOS, and cloud-based environments
  • Ability to build configurations for security tools and technologies using tool-specific languages and interfaces
  • High level of self-motivation, analytical and problem-solving capabilities, and ability to research complex security problems
  • Excellent oral and written communication skills. Ability to convey complex security concepts and technologies to a non-technical audience preferred
  • Ability to work collaboratively across security and infrastructure environments
  • Ability to write simple programming scripts and queries, and experience with programming languages such as Python
  • Bachelor’s degree in information technology, computer science, information security, or related field
  • At least 3 years (Senior) or 6 years (Lead) work experience in information security, preferably in security operations and management
  • Broad technical security knowledge in the following areas: Microsoft Windows, Apple iOS, UNIX, Linux, Cisco Network IDS, Cisco Host-based IDS, Digital Certificates, NAC, SSL, VPN, IPSec, TCP/IP, DNS and web security architecture
  • Familiarity with and practical application of common cybersecurity standards (e.g., ISO 27002, NIST CSF, NIST 800-53 etc.), laws and regulations related to information security and data confidentiality (e.g. PCI, Sarbanes-Oxley, etc.) and principles and controls for desktop, server, application, database, and network security. Familiarity with NERC-CIP standards a plus
  • Working knowledge of cybersecurity risk assessment methodologies (e.g., OCTAVE)
  • Security certifications, such as Certified Information Systems Security Professional (CISSP), CompTIA Security+, GIAC Information Security Professional (GISP), or Systems Security Certified Practitioner (SSCP)
  • Operational knowledge and experience in securing industrial control systems, particularly in the oil and gas industry
  • EQT Corporation and its subsidiaries is an EEO/Affirmative Action employer -- M/F/Disability/Veteran

Senior Security Analyst Resume Examples & Samples

  • Assess threat and vulnerability information
  • Perform monitoring and threat analysis
  • Mitigation and remediation plans
  • Document computer security and emergency measures policies and tests
  • Address questions from internal and external audits and examinations
  • Familiarity with information security standards, including PCI, ISO 27002, NIST 800 series and others
  • Experienced with a variety of information security systems and tools, such as Security Information Event Management, Vulnerability Management, Intrusion Detection/Prevention, Web Content Filtering, Anti-Virus/Malware and Data Loss Prevention
  • Understanding of TCP/IP and networking fundamentals
  • Excellent verbal, written, and interpersonal communication skills, including explaining technical concepts in non-technical terms and public speaking

Senior Security Analyst Resume Examples & Samples

  • Develop, implement and maintain an Information Security Risk Management program
  • Assist in efforts to develop and publish policies, standards for security and security risk management
  • Monitor and advise on information security issues related to systems and work-flow, and ensure the internal security controls for the company are appropriate and operating as intended
  • Coordinate response to information security incidents and investigations
  • Provide consultation to business units and technology teams on the topic of best-practices and ongoing requirements
  • Utilize monitoring, analysis, reporting, and vulnerability assessment tools
  • Manage Information Security Policy and supporting documentation, monitor adherence and identify gaps
  • Project leadership, cross-training, and knowledge transfer within team
  • Conduct Periodic internal audits for Risk and Compliance
  • Bachelor of Science in CIS/MIS/CS/CE, Engineering/Technology or related field or equivalent experience/training
  • 6-8 years working within Information Technology and 4-6 years specifically in Information Security
  • Must be familiar with security software products and audit tools used in distributed computing environment. Knowledge of Microsoft Windows NT/Active Directory, Internet security, network security technologies, and third party security or audit tools is required. In addition; understanding how to implement application level security controls and mechanisms
  • Must have understanding of various logging methods and security event terminology
  • Additional Qualifications
  • Experience performing Risk/Threat/Vulnerability assessments and analyses
  • Working knowledge of key elements for a successful Risk Management Program and related frameworks or standards (i.e. NIST, ISO, COBIT)
  • Hands on experience with Incident Response, or previous participation with Incident Response Teams such as the role of first responder, analysis or forensics, or an incident response manager
  • Hands-on experience with security tools such as nmap, Wireshark, tcpdump, SIEM, Nikto/Wikto, Nessus, Metasploit, NeXpose, SATAN, Burp Suite, w3af, Tripwire, CORE Impact, Backtrack, Snort, JTR, Volatility, Memoryze, etc
  • Practical experience in deployment and management of applied IT security technologies and tools such as two-factor authentication, enterprise PKI, email encryption, data loss prevention (DLP) technologies, network access control, intrusion detection/prevention systems, centralized endpoint protection, etc
  • Working knowledge of current penetration testing and vulnerability assessment tools and techniques for hosts, applications, web applications, and network devices
  • Experience working with internal and external audit groups to ensure compliance to appropriate regulations and data protection directives. Familiarity with compliance frameworks such as PCI, HIPAA and Sarbanes-Oxley
  • Understand information security concepts, protocols, "industry best practices", strategies and able to advise on process improvement. Should have experience working with business units or non-IT departments helping to develop or implement security strategies and solutions
  • CISSP, CRISC, CISA, GIAC or other security certifications highly desired
  • Proficient in MS Office applications including Visio

Senior Security Analyst Resume Examples & Samples

  • Provide support as a part of the US Navy’s Computer Network Defense (CND) Afloat/Ashore In-Service Engineering Activity (ISEA)
  • Evaluate DoD Directives (DODD), Task Orders (TASKORD), Operation Orders (OPORD) in detail, and provide relevant guidance to CND system operators via Fleet Action Messages (FAMs)
  • Advise other Programs of Record (PORs) with regards to applicable cybersecurity policies and updates to relevant cybersecurity software suites
  • Identify issues as reported by CND system operators and perform root cause analysis (RCA) through the review of various logs and reports
  • Recommend to CND system operators various courses of action and provide remediations to identified issues
  • Advise CND Research & Development (R&D) of new developments in Information Technology (IT) principles, concepts, methods, standards and practices and make recommendations as to the design of the CND suite of systems that is installed aboard all US Navy combat ships, Fleet Network Operations Centers (FLTNOCs), and Theater Network Operations and Security Centers (TNOSCs)
  • Work with CND R&D in every part of the system development lifecycle to ensure systems are delivered on time and within established parameters
  • Provide expertise to R&D Subject Matter Experts (SME) to resolve issues discovered during the development of new CND system iterations and ensure timely deployment of systems
  • Assess status of R&D deliverables and provide updates to CND ISEA management
  • Advise CND system users and other POR Engineers on the topic of system and application security threats and vulnerabilities, including the identification of false positives
  • Conduct engineering vulnerability risk assessments, security tests, and evaluations of CND systems as well other POR systems utilizing DoD-approved Information Assurance (IA) tools to categorize, determine compliance to established technical procedures, documentation guidelines, and the certification and accreditation process
  • Provide distance support to CND system operators both by phone and email to analyze cybersecurity issues, come to mutually agreed conclusions, and recommend resolutions
  • Apply NIST SP 800-53 and CNSS-1253 IA guidance to CND systems as detailed in Defense Information Systems Agency (DISA) Control Correlation Identifiers (CCIs), Security Requirement Guides (SRGs), and Security Technical Implementation Guides (STIGs)
  • Compile risk assessment data from multiple subsystems into a Certification and Accreditation (C&A) package to be presented to the Navy Operational Designated Accrediting Authority (ODAA) in order to receive Authority to Operate (ATO)
  • Lead on-site ISEA teams, consisting of personnel with different skills and experience, in providing rapid implementation of unclassified and classified Computer Security Programs on-board US Navy ships
  • Lead on-site ISEA teams to resolve, in a timely fashion, critical issues affecting the delivery of IT services to entire Area of Responsibility (AoR)
  • Adjust work operations of ISEA team members to meet changing conditions on-site
  • Work with other POR ISEAs to assist CND system operators in achieving their objective, even when the fault is not with the CND system itself
  • Utilize the Remedy ticketing system to update and track the status of CND system incidents
  • Introduce the Independent Validation and Verification (IV&V) to all ISEA releases, ensuring quality control of software and guidance
  • Review the work of ISEA team members and provide appropriate guidance and training
  • Work with Naval Network Warfare Command to ensure continual monitoring of computer security activities aboard all US Navy combat ships, FLTNOCs, and TNOSCs through the use of firewalls, Intrusion Detection Systems (IDS), web content filters, and email scanners
  • Identify technical applicability, remediations, and supported mitigation of vulnerabilities identified by Information Assurance Vulnerability Messages (IAVM)
  • Diagnose and resolve LAN and WAN connectivity issues on both unclassified and classified networks
  • Design, evaluate and resolve issues with McAfee Host-Based Security Systems (HBSS)
  • Utilize HBSS in the continuous monitoring of information systems and instruct CND system users in its use
  • Assist sites with a wide variety of both unclassified and classified connectivity and software issues
  • Develop, test and distribute Windows, Linux, HBSS, and VMWare patches for the CND suite
  • Analyze Command Cyber Readiness Inspection (CCRI) audits and provide resolutions and mitigation as needed
  • Ensure audit mitigation activities are conducted with minimal impact to system operations
  • Install and support Tenable Nessus and Security Center as part of DISA’s Assured Compliance Assessment Solution (ACAS)
  • Conduct automated network vulnerability scanning, configuration assessment, application vulnerability scanning, device configuration assessment, and network discovery using ACAS
  • DoD 8570 Compliant
  • HBSS Experience
  • ACAS Experience
  • U.S. citizens ONLY due to government or federal requirement

Senior Security Analyst Resume Examples & Samples

  • Analysis of event feeds, intelligence, malware samples, and incident data for evidence of malicious or anomalous activity, and to better understand adversary tactics, techniques and procedures (TTPs)
  • Development of custom tools to detect malicious activity at the user, host, and network levels, either as stand-alone tools or as prototypes of more complex solutions
  • Ingest, create, and share intelligence, TTPs, and threat data Indicators of Compromise (IOCs)
  • Triage and short-term analysis of real-time data feeds (such as system logs and alerts) for potential intrusions (i.e. hunting)
  • Drive FEP Process maturity
  • Vulnerability Management (VM) and engineering
  • 5 years’ experience in one or more of the following: incident response, application security, network security, security operations, security monitoring
  • Minimum of one year scripting or programming experience in Ruby, Python, Shell/BASH scripting, Java, C/C++, Perl, or other languages
  • Advanced understanding of security engineering, system and network security, cryptography, application security
  • Demonstrated experience with core technical domains such as operating systems (Linux and Windows), databases, and networking
  • Demonstrated ability to champion a program and drive successful completion while delivering
  • Experience with Incident Response, SIEM, Threat Intelligence, and Forensics tooling
  • Experience leading or driving efficiency in a Vulnerability Management program
  • Experience with red teams or Capture The Flag (CTF)
  • Experience with malware behavioral analysis

Senior Security Analyst Resume Examples & Samples

  • Bachelor’s degree in Computer Science. Vendor certifications in the security field are a plus
  • 6-10 years of Security Analysis experience working in global, complex environment
  • Understand cyber-attack methods such as SQL Injection and Cross Site Scripting attacks (XSS)

Senior Security Analyst Shared Services Resume Examples & Samples

  • Risk Assessments (Projects or Programs)
  • User Access Reviews
  • Regulatory Compliance; i.e. PCI
  • Security Reporting Tracking & Tools: i.e, Archer
  • Vulnerability Scanning & Mitigation
  • EDiscovery and Forensics
  • Incident Response Coordination
  • Communications and Awareness

Senior Security Analyst Resume Examples & Samples

  • Ensures the operation is in accordance with the established procedures and practices and that OLAs are achieved
  • Ensures events and incidents are assessed correctly and that appropriate escalation takes place
  • Recommends strategies and or enhancements to increase employee productivity
  • Contribute to effective shift hand over
  • Prioritizes and manages Security incidents work queue
  • Triages security alerts
  • Monitors health of security sensors and endpoints
  • Attend weekly Security team performance meetings
  • 3-5 years’ experience in analytic, investigative and problem solving within IT Security Support team
  • Strong technical background across IT network technologies and protocols including DNS, TCP/IP, PKI, firewalls, etc
  • Good understanding of Information Security principles, best practice standards and guidelines (e.g. ISO 27001, CISA, CISSP)
  • Strong stakeholder engagement providing both excellent written and verbal communication skills
  • Experience working in both a team environment and autonomously
  • Security and hacking certifications an advantage
  • Experience of using Intelligence tools such as; SIEM, Vulnerability Management Systems, Scanning and advanced HIDS/IDS
  • Relevant qualifications are an advantage (GIAC, EC-Council, CSFA)
  • Minimum ITIL V3 Foundation certification
  • Good and clear written English language and documentation skills
  • Flexible to work in shifts to cover 24/7/365 operations
  • Ability to work under high pressure and flexibility to meet business demands as they arise

Senior Security Analyst, Analysis & Response Resume Examples & Samples

  • Operate independently in a geographically dispersed team, while maintaining situational awareness and keeping the team up to date
  • Regularly present technical topics to technical and non-technical audiences
  • Continually develop new technical skills and push overall team capabilities forward
  • Engage with and mentor other team members
  • Minimum of 5 years of experience in Information Technology with at least 3 years of experience in Information Security
  • Experience analyzing raw log files, particularly logs from network or host based security tools
  • Experience analyzing packet captures
  • Strong aptitude for continuous learning and growth
  • Experience with at least two programming or scripting languages

Senior Security Analyst Resume Examples & Samples

  • Monitor & respond to security events, potential vulnerabilities, exposures, and policy compliance issues
  • Triage, Investigate, and Evict adversaries and Red Teams
  • Provide security incident response and management, investigation, and consultation until issue closure
  • As part of a team, build and develop the forensic program through expertise, collaboration, and influence
  • Research new incident response tools or capabilities
  • Automate response and forensic functions
  • Evaluate security risks and their impact to the Microsoft Cloud and Online Services environments
  • Create technical documentation such as TSGs, FAQs and SOPs
  • Rotational On-Call responsibility
  • 5+ years of experience in either forensics for multiple platforms (Windows, Linux, SQL, etc.), or extensive experience in responding, investigating, and recovering from breach or compromise
  • 1+ years of experience in developing services or scripts for automation of analysis, response, or forensics
  • Possess the ability to work effectively in ambiguous situations and respond favorably to change
  • Highly-developed analytical skills, with sound judgement and follow-through in complex situations
  • Excellent interpersonal skills, and strong written and verbal communication skills

Senior Security Analyst Resume Examples & Samples

  • Bachelors (BA or BS) degree or equivalent blend of education and experience
  • Four (4) years direct and progressive experience supporting Infor/Lawson ERP applications at the level of an application administrator/specialist/analyst or security analyst
  • Working knowledge of LAUA security and various form, data, and file security implementation capabilities
  • Infor/Lawson S3 experience including Lawson System Foundation (LSF) 9.0.1.x, Lawson S3 Applications 9.0.0.x or 9.0.1.x, UNIX/Oracle or large-scale Windows/SQL operating environment, Working knowledge of LDAP and AD authentication and Exposure to Infor-10 technology and applications, Landmark, and Lawson Security
  • Working knowledge of Infor/Lawson applications and Lawson System Foundation (LSF) technical environment
  • Previous Infor/Lawson application security experience using LAUA with experience using Lawson Security (LS) highly desired
  • Working knowledge of Active Directory
  • Working knowledge of LDAP tools such as LDAP browsers, data extraction using SQL
  • Strong troubleshooting skills for authentication/authorization in a complex technical environment
  • Demonstrated capacity for high volume workload with high standards for quality/accuracy
  • Ability to effectively communicate across range of constituencies including caregivers, requesters (e.g., managers, supervisors), technical collaborators (e.g., Identity and Access Management)
  • Ability to use Microsoft Office tools to create and maintain security documentation of processes/procedures
  • Skill with scripting tools/languages such as shell, perl, PL/SQL to facilitate automation of internal processes (highly desired)

NGL Senior Security Analyst Resume Examples & Samples

  • ManTech is searching for talented candidates with experience in the area of security, cyber security and information assurance for launch vehicle systems
  • Review and assess launch vehicle provider's security and information assurance plans IAW Department of Defense (DoD) 5220.22-M (National Industrial Security Program Operating Manual [NISPOM]); verify compliance with launch site Cybersecurity requirements including DODI 8582.01, CNSSI 1253, ISO 27000; verify compliance of LSP with its security and information assurance plans, IAW PWS section 4.1.4 (Site Security and Cybersecurity)
  • Supports Security Site Surveys of launch sites new to the EELV program; evaluate LSP Program Protection Plan; Facilitate CSOSA Agreements between NASA, CCAFS, and LSP; assess security and information assurance risks arising from any of the above activities, weekly coordination meetings with security NECT representatives at CCAFS and VAFB to coordinate activities and work products across locations
  • Assessing above activities and plans, their implementation, and assigning risk level according to audits results and findings
  • Experience with NSA requirements for flight safety systems programs and in-depth knowledge of the DoD

Senior Security Analyst Resume Examples & Samples

  • 10+ years of relevant technology or information security experience with demonstrated growth path
  • 3-5 years of Information Security experience, across multiple security domains
  • 1-2 years of experience implementing, maintaining, or auditing security standards such as NIST 800-53, ISO 2700x, SOC 2, SOX, HIPAA, PCI-DSS or Common Criteria
  • Experience in educating and promoting good security practices throughout an enterprise organization
  • Knowledge of common attack methodologies; common types of security vulnerabilities
  • Experience in securing system and network technologies
  • Experience in secure coding practices and SDLC
  • Familiarity with various aspects and components of information security such as encryption methods/standards, real-time intruder detection, perimeter security, event correlation, authentication services, vulnerability analysis, and incident handling and forensics
  • Review narratives and perform tests of effectiveness for regulatory, standards and other compliance
  • Vulnerability assessments, penetration testing and audits
  • Working knowledge of common security tools
  • Delivering and maintaining security awareness training programs
108

Senior Security Analyst Resume Examples & Samples

  • Security monitoring for a global environment including incident response
  • Forensic analysis of artifacts, including malware, related to security incidents
  • Mentor less experienced team members
  • Participate in projects to tune, fix, or otherwise improve security posture across the enterprise
  • Communicate information security related concepts and situations to senior management
109

Senior Security Analyst Resume Examples & Samples

  • Utilize various information security solutions, and associated security event data, for the global enterprise, such as, but not limited to web security solutions (web gateway, web application firewall), endpoint security solutions (antivirus, desktop firewall, web content filtering, intrusion prevention), encryption and certificate management solutions (full disk, file/folder, PKI), data leakage protection (DLP), and other solutions used to ensure regulatory and corporate policy compliance
  • Work across these key teams in support of the Company’s Cyber Security Data Analytics area in order to continually mature the capabilities and leverage the analytics environment with the goal of overall risk reduction to the Company
  • Opportunities and special assignments will be provided to lead services and activities in the organization outside of the Security Analytics area
  • Maintain up-to-date security industry awareness and training, and be able to assist and give input on how emerging threats may potentially impact the organization including those that may be specific to manufacturing systems and other critical systems across the Company
  • Participation in Security Incident Response activities when needed
  • Minimum of 3 years professional experience in a Security Data Analytics role
  • Team leadership
  • Mature verbal and written communication
  • Experience with Splunk technology
110

Senior Security Analyst Resume Examples & Samples

  • Track and maintain clearances via JPAS
  • Manage security contractual agreements as applicable to DD254’s
  • Conduct Security/NATO briefings and debriefings
  • Support employees / candidates / consultants with completion of security paperwork
  • Track RRU submissions and completions
  • Provide support to the Document Control/PERSEC Sr. Security Analyst and Senior program Manager
  • Familiarity with the Continuous Improvement process
  • Knowledge of document control procedures, physical security and closed areas
  • Knowledge of NISPOM and other government security directives
  • Knowledge of the government classified contract process and able to understand DD254 requirements
111

Senior Security Analyst Resume Examples & Samples

  • Leads and participates in customer projects to the defined requirements in the timeframe required by customers with the highest quality and integrity of work
  • Conducts security tests using automated tools, ad-hoc tools, and manual testing techniques
  • Conducts penetration testing against different technological domains including, but not limited to embedded devices, web apps, mobile apps and other device applications
  • Assesses and calculates risk based on vulnerabilities and exposures discovered during testing, based on international standards such as OWASP, NIST 800-115, OpenSAMM among others
  • Creates required information security documentation, technical reports, and formal papers on test findings, and complete requests in accordance with requirements
  • Provides technical guidance and training to new security team members
  • Provides pre-sales support and the sale of more complex projects
  • Helps drive innovation in cybersecurity services
  • University Degree (Bachelor’s degree or higher) in Computer Science or a related discipline plus four years’ technical expertise in cybersecurity, software development, or ethical hacking
  • Experience with cybersecurity testing of products and software to identify weaknesses and flaws. Able to create PoC's and clearly document the procedure
  • Hands-on experience with commercial, open source and free security tools for static source code analysis, fuzzing testing, dynamic and binary testing; as well as vulnerability scanning
  • Understanding of security issues on various operating systems, web and database platforms, proven proficiency in networking and security
  • Extensive experience and knowledge in scripting in one or more of the following languages: sh, csh, perl, python, ruby
  • Experience with C, C++, Java programming
  • Experience with QNX, Linux, iOS, AOSP, etc
  • Security related certifications are a plus: CEH, GIAC GSE
  • Deep expertise in testing in at least two or more of the following domains: Embedded software, embedded security, mobile apps, telecom or networking equipment
112

Senior Security Analyst Resume Examples & Samples

  • Support for the Project Management team on evaluation scoping, resource requirements, certification body and customer expectations
  • Customer code review: because of stringent confidentiality and security requirements, this often necessitates travel to customer premises in Europe
  • Based on the code review a vulnerability analysis has to be carried out, to determine if the customer product has any potential security weaknesses. Products with OS, JavaCard API, and various applications are typically considered
  • Investigate possible logical attack scenarios. Analyse the platform code, develop attack applets and provide support for the security evaluation engineers in charge of product testing – by interpreting the code review findings, orienting the attack paths and analysing the test results
  • Formal report writing in line with customer and certification scheme requirements
  • To contribute to internal work processes by improving tools for evaluation efficiency, report writing and technical training
  • Degree in Computer Science or other technical discipline. Cryptography and Data Security knowledge would be advantageous
  • Extensive experience in software development on embedded products. Payment or security industry, Smart cards experience are desired
  • Extensive experience in C, C++ is required, good knowledge of microcontroller architectures and their assembly languages, Java
  • Hands-on experience of native OS, applications and products
  • Rigorous attention to detail. Dependable in meeting commitments and deadlines
  • Good commitment, logical and structured approach
  • Creative and analytic skills
  • Strong team player, able to learn from and to train your colleagues
  • Excellent command of written and spoken English; Comfortable working in a multi-national and multi-disciplinary team
113

Senior Security Analyst Resume Examples & Samples

  • Based on the code review, a vulnerability analysis has to be carried out to determine if the customer product has any potential security weaknesses. The different layers of the products including OS, GlobalPlatform, Java Card Virtual Machine, APIs, and various applications are typically considered
  • Investigate possible logical attack scenarios against the Java Card Virtual Machine and perform the software attacks
  • Provide support for the security evaluation engineers in charge of physical penetration testing – by interpreting the code review findings, orienting the attack paths and analysing the test results
  • Degree in Computer Science or other technical discipline; a background in Cryptography and Data Security knowledge would be advantageous
  • Development experience in software development on embedded products
  • Experience in Payment, telecommunication or security industry; Smart cards; Common Criteria is preferred
  • Hands-on experience of Java Card Open Platform and/or UICC specifications and products
  • Strong experience in the following languages: C, Java and assembly languages
  • Good knowledge of microcontroller architectures and their assembly languages
  • Rigorous attention to detail; Dependable in meeting commitments and deadlines
  • Ability to work independently, creative and strong analytical skills, logical and structured approach
  • Enthusiastic and keen to learn new skills
  • A strong team player, able to learn from and to train your colleagues
  • Comfortable working in a multi-national and multi-disciplinary team
114

Senior Security Analyst Resume Examples & Samples

  • 6-7 years progressively responsible experience in security management of mainframes, midrange and local area networks
  • 24 hour / 7 days a week on-call support is required
  • Recommend and implement controls to protect the Advocate computer environment from threats that can result in a breach of confidentiality of the organization's valuable information, or unauthorized changes to patient records and/or production system files
  • Develop and recommend a security methodology, identifying risk and exposure and provide safeguards that are in compliance with generally accepted Information Systems control requirements
  • Provide ongoing monitoring of system security controls to ensure that administrators are in compliance with security objectives, policies, and procedures
  • When assigned, participate in information system implementation projects
  • Provide for the planning and documentation for the development of an organization-wide security awareness program
115

Senior Security Analyst Resume Examples & Samples

  • Develop, document and improve the Security Incident Response process
  • Develop, document and maintain processes for daily IS Security operation activities
  • Identify patterns and trends in security events that could lead to security incidents
  • Develop, document and maintain use cases for implementing new Indicators of Compromise and generating alerts
  • Develop, document and implement key performance indicators and other metrics as they relate to IS Security Operation activities
  • Develop, document, maintain and operationalize on-going threat and vulnerability management activities
  • Ensure continuous improvements of processes and practices
  • Develop standards and identify operation security requirements for IT project delivery
  • Participate in projects related to the deployment of IS Security Operations tools and practices
  • Excellent interpersonal, written and oral communication skills and ability to communicate in both technical and non-technical language with all levels of staff and management
  • Demonstrated ability to identify requirements/needs, assess solutions and provide recommendations
  • Demonstrates an ability to work in a collaborative environment and influence others
  • Excellent grasp of the latest Indicator of Compromise (IoC) and malware trends
  • Experience developing Security Incident Response and daily SIEM operations processes
  • Experience in computer forensics is an asset
  • Experience developing and/or participating in RFP for SIEM third party services is an asset
  • Experience in organizations that support SCADA networks, pipeline operations, and Industrial Plant Control systems is an asset
  • University degree with equivalent experience
  • Minimum 10 years directly related experience with a focus on information security
  • Obtained or demonstrates an active pursuit of one or more of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or other related certifications
  • CISSP, CISM, GCIH, GCIA, GMON, GCFA and/or GCFE certified
  • ArcSight Administrator qualification is an asset
  • Minimum 5 years of experience in the following areas is an asset
116

Senior Security Analyst Resume Examples & Samples

  • Take a lead on investigation of cyber security incidents and threats
  • Train and mentor junior Security Analysts
  • Interact with stakeholders and leadership teams as part of the response efforts
  • Maintain expert-level knowledge of technologies and the threat landscape
  • Assist during non-core business hours during an emergency, critical or large-scale incident
  • Experience of an operational environment such as a SOC or CSIRT
  • Experience with security products and technologies, especially related to event and incident handling (e.g. SIEM, HIDS/NIDS, AV)
  • Incident Response workflow development and automation
  • Deep understanding of TCP/IP, common application-layer protocols and network architecture within an enterprise environment
  • Deep familiarity with common operating systems
  • Deep understanding of attacker TTPs
  • Exceptional log analysis skills
  • Scripting skills and an in-depth knowledge of how software works
  • Malware analysis (dynamic analysis)
  • Reverse engineering malware (static analysis)
117

Senior Security Analyst Resume Examples & Samples

  • Reviewing customer security logs on a real-time basis
  • Assessing the impact of traffic on customer networks
  • Adherence to established internal procedures and guidelines
  • Assisting with Security Analyst shifts as required
  • Understanding current vulnerabilities, attacks and countermeasures
  • Performing analysis demonstrations for customers
  • Participating in customer conference calls and demonstrations
  • Adjusting the backend technology system
  • Fulfilling more complex ad-hoc queries
  • Mentoring and training security analysts
  • Auditing work results for accuracy
  • Serving as an internal escalation point of contact
  • Identifying opportunities to improve the service
  • Delivering on projects as defined
  • Advanced networking and security skills
  • Knowledge of identified operating system platforms; routers, network protocols, and security architecture
  • Advanced knowledge of current vulnerabilities and attacks
  • Knowledge of Transact SQL
  • 1-2 years experience with alert analysis in a computer network intrusion/detection environment or similar field desirable
  • 4-6 years experience working in an operations environment or 1-3 years Symantec SOC experience
  • Working towards certification in the following
118

Senior Security Analyst Resume Examples & Samples

  • Monitor, analyze and report on changes in industry standards, laws and regulations, contractual requirements, the organization’s technology landscape, risk profile and risk appetite
  • Maintain thorough understanding of the company’s security posture, capabilities, and stakeholders
  • Analyze impact to the organization and translate into changes to policies and standards
  • Provide subject matter expertise for policy content, intent of security requirements and applicability to systems and environments
  • Evangelize policy, standards and technical guidance to the rest of the organization. Create and conduct presentations and white papers for medium and large audiences
  • Create, review and modify security awareness content related to security policies, standards and technical guidance
  • Create and maintain assessment and control maturity methodologies and process used to evaluate compliance with policies and standards
  • Create and maintain policy, standards and technical guidance content in Policy & Compliance software
  • Identify and maintain products and solutions to be assessed for compliance in Policy & Compliance software
  • Perform security and control maturity assessments against policies and standards
  • Participate in customer audits as it pertains to the information security governance area
  • Protects our customers, our employees, and our brands by incorporating security and compliance in all decisions and daily job responsibilities; follows security policies and procedures
  • 3+ years of information security, compliance and/or audit experience in an IT environment
  • 3+ years of experience in policy development and/or security assessments
  • Capable of leading and facilitating meetings (in-person or virtual)
  • Experience working with one or more of the following: PCI DSS, NIST 800-53, ISO 27001/2, NIST CSF industry standards
119

Senior Security Analyst Resume Examples & Samples

  • Monitoring the environment and leading investigations regarding cyber security breaches across the group including cloud and industrial control environments
  • Providing a coordinated response to complex cyber-attacks that pose a threat to the company’s assets, intellectual property, computer and industrial control systems
  • Leveraging threat, business and open-source intelligence sources to guide detection and response activities
  • Contributing to the development and improvement of security monitoring and incident response processes and solutions as required to support our cyber security program
  • Developing or contributing to the development of bespoke tools to facilitate detection and response activities
  • A bachelor’s degree or equivalent experience
  • Experience in information security with specific experience areas like penetration testing, intrusion detection, security monitoring and incident response is required
  • Experience or interest in the fields of malware analysis, threat intelligence or software development
  • Experience coordinating complex response activities with IT services departments
120

Senior Security Analyst Resume Examples & Samples

  • Technical solution inventory control management, ownership and ongoing validation
  • New Business and Third Party Contracts Governance
  • Network packet and HTML trace analysis capability
  • Technical solution inventory control validation
  • Security roadmap
  • Risk Management Office participation – incident and issue management
  • Produce business documents that demonstrate command of language, clarity of thought and orderliness of presentation
  • Audit - Review and remediation signoff
  • Analyze information security systems and applications, and recommend and develop security measures to protect information against unauthorized modification or loss
  • Participation in ongoing vulnerability identification and remediation
  • Become a trusted technical resource for our customer base and internal teams
  • Leads relevant projects and initiatives as needed
  • Network data analysis at various layers of the stack
  • Minimum IT security work experience - Minimum 5 years of experience
  • Working knowledge of HIPAA and HITECH Act, PCI, ISO 127001/2
  • Ability to perform forensic analysis including thorough understanding of Windows events and Unix syslogs
  • Must be familiar with a variety of the field's concepts, practices, and procedures
  • Knowledge of regulatory and security best practices associated to the management of PII and SPI
121

Senior Security Analyst Resume Examples & Samples

  • Process daily, monthly, and yearly security related requests
  • Add and remove user access to systems, and document requests within ticketing system
  • Recognize potential security issues and work with internal partners to develop ways to improve processes
  • Monitor system access through ad hoc, monthly, and yearly data-entitlement reports
  • Create and maintain a repository of data access rights across all HR-related data systems
  • Maintain all levels of Department security, which includes approval process flow, data permissions, Department table and tree setup, user profiles, roles, page permissions, object and query security for all areas of PeopleSoft HRMS and Taleo/Fusion products
  • Maintain and update user security profiles for multiple reporting directories
  • Support information security audits from an application data perspective
  • Resolve security related tickets within Service Level Agreements
  • Liaise with our technical partners to ensure technical measures conform to HR information security requirements
  • Manage changes to our HR entitlement systems with change control mechanisms
  • Organize work and perform duties based on agreed-to schedules
  • Interface with customers to assist with security requests and questions
  • Act as a Subject Matter Expert for projects and implementations, which may include weekly status meetings and joint application design sessions
  • Manage functional and technical resources to ensure that security standards and established processes are adhered to during projects and implementations
  • Perform risk assessments, including risk identification, risk mitigation, and documentation
  • Assist in the planning and execution of test scenarios and test scripts
122

Senior Security Analyst Resume Examples & Samples

  • Reviewing customer security logs and incidents
  • Articulating complex security issues, both verbally and written
  • Understanding the current threat landscape and assisting with application
  • Adjusting the backend technology system for tuning and visibility considerations
  • Training staff
  • Adhering to established internal procedures and guidelines, recommend updates
  • Auditing work results for quality assurance and delivery gaps
  • Managing projects, especially technical projects to include planning, prioritization, technical review, and implementation
  • Delivering projects as defined, including tasks worked on by other staff
  • Implementing analysis impacting adjustments to the technology system
  • Provide technical assistance to support MSS-SEs
  • Conducting business critical troubleshooting, coordinating an assigned team to ensure problems are promptly resolved according to customer standards
  • Working with little or no supervision; Taking general direction and formulating specific tasks to accomplish the desired end result
  • Anticipating problems and future technical needs and take necessary corrective steps to ensure they are addressed
  • Offering direction, guidance and mentoring to lesser skilled individuals on the team
  • Completing analysis, implementation and/or maintenance of highly complex, undefined tasks
  • Assisting with technical service direction by analyzing customer/industry trends, competitive information and service requirements
  • Working, prioritizing and managing multiple assignments and projects as assigned
123

Senior Security Analyst IAM Resume Examples & Samples

  • Analyze, design, build, test and deploy enterprise and/or customer-facing projects (including requirements gathering, business analysis and process engineering)
  • Participate in the design, creation and update of SAP roles with associated entitlements; translating functional requirements into technical design
  • Participate in the design, creation and update of Role-Based Access Control (RBAC) with a central Identity and Access Management solution
  • Support and provide technical assistance for the implementation of new solutions
  • Troubleshoot any incidents or issues related to IAM services
  • Maintain and assess operational requirements and service issues for improvement opportunities
  • Provide rotational on-call support
124

Senior Security Analyst Resume Examples & Samples

  • Work within the GRC team to perform in-depth technical risk assessments of Oath systems to determine risk level and mitigation strategies
  • Work with the team to continuously improve the technology risk process and procedures
  • Communicate potential weaknesses and associated risks identified by the risk assessment and compliance process
  • Develop action plans and/or recommend alternative solutions to resolve risks and exceptions
  • Provide oversight to ensure tracking of remediation plans for timely closure of risk issues
  • Research and maintain a knowledge base regarding information security risks, issues, solutions and potential implications for Oath
  • Provide Security requirements for development teams as needed prior to application deployment
  • Review vendor contracts for compliance with Oath Security Policies and Standards and perform vendor risk assessments
  • Bachelor’s degree or equivalent work experience and a proven track record in the field of information security and/or risk management
  • 5 or more years of hands-on technology, risk, security and/or governance experience
  • Must have in-depth knowledge of common information security topics, policies and standards
  • Excellent verbal and written communication skills with the ability to understand business requirements
  • Must be able to develop risk management strategies that align with business goals and objectives and protect the confidentiality, integrity and availability of information systems and data
  • Project management experience on information security processes and within software development life cycles is desired
  • Familiarity with measures and metrics used in risk assessment methods and/or vulnerability assessment processes
  • One or more of the following certifications: CISSP, CISA, CISM, CRISC
  • Amazon Web Services (AWS) security or compliance knowledge
  • Knowledge of (or desire to learn) Application Security (OWASP) risks
  • Knowledge of (or desire to learn) Network Security
  • Desire to work in Security Awareness
125

Vulcan Senior Security Analyst Resume Examples & Samples

  • General Responsibilities include, but are not limited to
  • Provide security and information assurance support to certify the capability of potential new entrant launch vehicle providers to provide launch services for Department of Defense (DoD) National Security Space (NSS) launch missions
  • Developing and implementing security, information assurance and program protection plans in accordance with DoD 5220.22-M, 'National Industrial Security Program Operating Manual'
  • Coordinate security and information assurance activities across all sites (LAAFB, CCAFS, and VAFB), assess security and information assurance risks, and provide inputs to Government
  • Provide a Protection Implementation Plan describing how CPI will be handled and protected during certification evaluation activity
  • Familiarity and experience with protection and security plans for launch system flight critical items and information systems
126

Senior Security Analyst Resume Examples & Samples

  • Assist in the company's corporate initiatives to process daily, monthly, yearly security related requests across various systems
  • This includes adding and removing user access to systems and documenting all requests within their ticketing system
  • Demonstrate foresight in recognizing potential security issues and work with the company's internal partners to develop ways to improve processes
  • Monitor system access; this would include the generation of ad hoc, monthly and yearly data-entitlement reports
  • Participate in ad-hoc requests
  • Interfaces with customers to assist with information for security requests
  • Implements security to include user profiles, roles, page permissions, object security and query security for all areas of PeopleSoft HRMS and Taleo/Fusion products, including but not limited to, HR, Benefits, Payroll, Time and Labor/Kronos, Recruiting, Onboarding, Goals/Performance, Compensation, etc
  • Maintains all levels of Department security, including approval process flow, data permissions, Department table and Department tree setup
  • Maintains and updates user security profiles for multiple reporting directories (Vista, Pay Center Directory, Controller Check Print Folders, and LBC Directory)
  • Acts as a Subject Matter Expert for projects and implementations, which may include weekly status meetings, joint application design sessions and testing sessions
  • Works with other functional and technical resources to ensure that security standards and established processes are adhered to during projects and implementations
  • Supports information security audits from an application data perspective and perform risk assessment including risk identification, risk mitigation and documentation
  • Resolves security related tickets passed to HRTS team within the Service Level Agreement
  • Assists in the planning and execution of test scenarios and test scripts
  • Bachelor's Degree preferred with a specialization in information technology, information systems or related field
  • 3-5 years of professional work experience within the HR security/entitlements space
  • Minimum of 3 years’ HR/Benefits/Payroll/Time & Labor experience, PeopleSoft security experience, Vista security experience and Taleo and/or Fusion security experience is a plus
  • Solid knowledge of information security principles and practices
  • Must have a strong attention to detail
  • Successful candidate will have a roll up your sleeves "can do" mindset
  • Utilize exceptional organization skills in a fast-paced environment with competing priorities
  • Capable of putting together the big picture from minor details and investigating gaps
  • Proficient with Microsoft Excel (generate pivot tables, write complex formulas)
  • Ability to quickly learn and embrace new technology and systems
  • Proficient verbal and written communication skills
  • Able to use analytical skills (especially with building reports from multiple data points)
  • The ability to communicate with all levels within the organization
127

Senior Security Analyst Resume Examples & Samples

  • Interim Secret Clearance
  • 5+ years in Cyber Security
  • 3+ years in network or system engineering
  • Proficient with the following
  • Security: CISSP, CEH, CASP, GCIH, CCNA Security
  • Network: CCNP, JNCIP-SEC
128

Senior Security Analyst Resume Examples & Samples

  • Security event detection, triage and threat analysis for complex and/or escalated security events
  • Provide log, reputational and packet analysis
  • Coordinate with Verizon Threat Library and Cyber Intel teams to improve tuning and correlation
129

Senior Security Analyst Resume Examples & Samples

  • 5+ years’ experience in IT
  • IT security certification - CISSP, CISM or GIAC certification is an asset
  • 2+ years working with perimeter security devices, including firewalls, routers, switches, IDS/IPS, RAS, VPN and DMZ technologies
  • Strong understanding of big data and cloud based analytical systems, including AWS and Azure
130

Senior Security Analyst Resume Examples & Samples

  • Coach other security analysts
  • Use machine learning to hunt for malware or anomalous events
  • Identify indicators of compromise
  • Analyze attacker tactics, techniques and procedures (TTPs)
  • Monitor and analyze data flow to identify and block malicious behavior and activities
  • Provide updates and identified threats to the Development Security organization
131

Senior Security Analyst Resume Examples & Samples

  • Research, identify, prioritize, and analyze preventive and detective use cases that will help identify threat trends and anomalies impacting the company
  • Work with engineering teams to get additional data sources integrated into our data lake
  • Support data science activities to help identify the outcomes, algorithms, models, and calculations needed for each use case
  • Analyze and provide feedback on machine learning outputs to reduce the time required to get to fully supervised models
  • Provide analytical intelligence support to internal security incidents
  • Contribute to the curation, dissemination, and life cycle management of operational threat intelligence for Microsoft’s Cyber Defense Operations Center
  • Help generate intelligence products using a variety of data visualization techniques
  • Strong analytic skill and demonstrated ability to bring complex data together to answer security, identity, and operational risk related questions
  • Deep understanding of cyber threat attack vectors, how they are used, and methods to detect and mitigate them at the network, host, application, and identity layers
  • Strong understanding of mitigation and monitoring capabilities (Firewalls, Intrusion Detection Systems, Log Analysis, anti-malware, SIEM etc.) and how they help prevent and detect attacks
  • Demonstrated ability to analyze security and identity event streams and conduct log analysis on signals from on premise and cloud workloads
  • Understanding of risk management techniques and frameworks
  • Experience with business intelligence and analysis tools like Tableau, PowerBI, Maltego, Analyst Notebook, and Excel
  • Experience with SQL and the ability to query relational databases. Experience with Hadoop and GraphDBs a plus
  • Demonstrated ability to lead multiple complex analysis efforts with minimal guidance and supervision
  • Ability to mentor and aid in the development of junior analysts across the team
  • 7+ years in an Information Security field
  • 5+ years of experience conducting security analysis, preferably in direct support of security or identity operations
  • 3+ years of experience supporting information security incidents and investigations
  • 3+ years of experience working with big data and cloud infrastructure
132

Senior Security Analyst Resume Examples & Samples

  • Effectively manage the Firm's network malware detection system
  • Assist with the development of the FIRM's plans to adopt the NIST Cyber Security Framework
  • Design and review moderate to high complexity security controls to assist management in the protection of Information System resources and associated assets against accidental or unauthorized access, modification, destruction, or disclosure
  • Ensure compliance to published Information Security policies and standards
  • Provide security services that align with business objectives and regulatory requirements
  • Security control focus is moving towards a strategic vs. tactical perspective
  • Provide security advisement to fellow team members and other associates
  • Develop relationships with external security organizations to maintain awareness of security issues and trends
  • Establish and maintain appropriate enterprise security policies, standards, recommended practices, procedures, and controls
  • Maintain awareness of external security-related events and legislation
  • Ensure monitoring is appropriate and effective for detecting and reporting of key security events
  • Actively participate in security related continuing education
  • Provide security input into medium to high complexity development efforts that may impact security
133

Senior Security Analyst Resume Examples & Samples

  • Analyzes organizational security risks and interactions, develops and publishes security risk handbook and procedures for implementation, ensuring alignment with appropriate standards and frameworks. Engages with other departments to sustain, improve, and streamline processes with a primary focus on safety, quality, delivery, and cost
  • Work collaboratively with IT, Information Security and business units to understand the scope of proposed projects, the impact of proposed projects to Xcel’s security and ensure that Information Security requirements are incorporated into projects up front. Act as an Information Security subject matter expert for the Project Management team as it relates to general security best practices and Xcel’s policies and standards. Ensure that Information Security is aware and engaged during the project lifecycle
  • Identifies and analyzes potential sources of loss to minimize risk. Executes risk assessment and quantification, aggregation reporting, and monitoring processes. Interprets business issues and recommends solutions/best practices. Solves complex problems; takes a broad perspective to identify solutions
  • Assesses and communicates information regarding business risks with functions across the organization. Builds and maintains relationships with business partners, including understanding their specific risk landscape. Uses professional knowledge, skills, and experience to influence and guide, monitor, and credibly challenge business areas as they manage risk and make risk decisions
134

Senior Security Analyst Resume Examples & Samples

  • Monitors and assesses vendor and 3rd party information security reports/lists
  • Reviews, prioritizes and recommends information security improvements as they relate to the achievement of Stanley Black & Decker’s business goals and objectives
  • Creates and maintains information security documentation
  • Communicates information security procedures to users
  • Reviews and recommends changes to information security policies
  • Skilled in Endpoint Security tools and techniques in a large enterprise environment
  • Skilled in Encryption Tools, Techniques and processes in a large enterprise environment
  • Expertise and experience with SAML / Single Sign On tools, techniques, and authentication with SaaS applications
  • Experience with Identity and Access
  • In-depth disciplinary knowledge; leverages business acumen and subject matter expertise
  • Provides deep subject matter expertise, advice and program delivery
  • In-depth understanding of Stanley Black & Decker goals, customer requirements and knowledge of competitor practices
  • Thorough understanding of Stanley Black & Decker business priorities, strategy and direction
  • 6-8 years of relevant experience or equivalent combination of education and work experience
  • Applied knowledge of risk management concepts
  • Working expert knowledge of systems and network administration, i.e. desktop, server
  • Knowledge and application of globally accepted security/compliance standards
  • Knowledge of network security that pertains to communications, computer system environments and related infrastructures
  • Knowledge of server and desktop configurations that will protect systems from unauthorized access and software invasion
  • Thorough knowledge of the Globally Accepted Information Security Principles
  • Preferred: CISSP, GIAC, CISA, SSCP, or CEH
135

Senior Security Analyst Resume Examples & Samples

  • Working within the Information Security Operations team to take an active role in the configuration and maintenance of a diverse range of security tools; be an advocate for Information Security across multiple business units and ensure that systems are compliant with internal and government security standards
  • Operate vulnerability scanning and compliance tools to identify system weaknesses and liaise with the wider IT teams to assist with the coordination of remedial actions
  • Monitor the changing threat landscape to identify and report emerging threats and issues; assess the impact of emerging vulnerabilities and manage teams to co-ordinate appropriate remedial actions. Enhance technical security process and procedures ensuring alignment to the corporate security policy
  • Provide guidance and support to technical teams on security standards, audit, policy and industry best practice
  • Actively monitor security tools deployed (anti-virus, configuration control, vulnerability management, end point security), escalate issues, assist with remediation and maintain these systems
  • Specification and design of automated security monitoring tools and, in conjunction with the technical teams, support the installation, configuration of such tools and assist in maintenance and monitoring activities
  • Assist security teams in technical investigations as a result of a security incident
  • Be a focus point for security advice and consultancy on a day to day basis
  • Competent practical experience of Security support
  • Experience in either an infrastructure security or application development security related role evidenced
  • Proven experience in infrastructure systems (UNIX, NT, Windows, Solaris)
  • Experience with network technologies (TCP/IP, Firewalls, LAN/WAN/VLAN)
  • Exposure to application and system development (Oracle, Java, UNIX, Web Service architecture)
  • A proven track record of analysis of requirements and implementing solutions to security requirements
  • Experience in developing technical security documentation and reviewing technical documentation
  • Knowledge of security monitoring tools
  • Knowledge of access management
136

Senior Security Analyst Resume Examples & Samples

  • Develop and implement security, cybersecurity, and program protection plans in accordance with DoD 5220.22-M; 'National Industrial Security Program Operating Manual'
  • Manage all aspects of the DOD industrial security program and other security activities, ensuring compliance with government and company security policies and procedures
  • Review and investigate non-compliance issues
  • Provide security and information assurance support to certify the capability of potential new entrant launch service providers for Department of Defense (DoD) National Security Space (NSS) launch missions
  • Review and assess launch service provider's (LSP) security and information assurance plans IAW Department of Defense (DoD) 5220.22-M (National Industrial Security Program Operating Manual [NISPOM]); verify compliance with launch site Cybersecurity requirements including DODI 8582.01, CNSSI 1253, ISO 27000; verify compliance of LSP with its security and information assurance plans, IAW PWS section 4.1.4 (Site Security and Cybersecurity)
  • Coordinate security and information assurance activities across multiple sites (LAAFB, CCAFS, and VAFB), assess security and information assurance risks, and provide inputs to Government
  • Support Security Site Surveys of launch sites new to the EELV program; evaluate Launch Services Provider's Program Protection Plan; facilitate CSOSA Agreements between NASA, CCAFS, and LSP; assess security and information assurance risks arising from any of the above activities; hold weekly coordination meetings with security representatives at CCAFS and VAFB to coordinate activities and work products across locations
  • Assess above activities and plans, their implementation, and assign risk level according to audits results and findings
137

Senior Security Analyst Resume Examples & Samples

  • Perform hunting activities to search the network for indicators of compromise
  • Provide immediate onsite services to the customer in the event of the identification of a compromise or a credible alert from an intrusion detection system
  • Perform incident response and malware analysis to investigate incidents and potential indicators of compromise
  • Help determine the extent of the compromise, attributes of any malware and possible data exfiltrated
  • Research and incorporate relevant threat intelligence during the investigation and in written and verbal reports
  • Develop, document and manage containment strategy
  • Experience with FireEye and Mandiant products, especially Mandiant for Intelligent Response (MIR) highly preferred
  • Experience with malware analysis and reverse engineering preferred
138

Senior Security Analyst Resume Examples & Samples

  • Contribute to the maturity of cyber threat hunting framework within the team
  • Work closely with security engineering to articulate and define requirements for new security products
  • Provide mentorship and training to junior security analysts and contribute to their career by developing challenges and exercises
  • Experience with Malware / Reverse Engineering with ability to assist in Static and Dynamic Analysis
139

Senior Security Analyst Resume Examples & Samples

  • Maintain Active Directory (DNS, Group Policy, DFS, etc.)
  • Maintain internal and external PKI
  • Provide technical support and technical leadership to less experienced engineering team members
  • Participate in on-call rotation schedule
  • Manage and implement firewall rules and next-generation firewall features (IPS, URL filtering, etc.)
  • Technical writing/creation of formal documentation such as reports, training material and standards
140

GIS Senior Security Analyst Resume Examples & Samples

  • Assists with incident management response and analysis services on behalf of the Information Security function as a primary member of the computer security incident response team (CSIRT), including Tier 1 through 3 analysis for the full scope and lifecycle of incident response (i.e. identification through closure including post-mortem and lessons learned) following industry established best practices in addition to being in accordance with Company-specific policies and standards
  • Respond to emerging threats such as APT and other forms of targeted attacks, organized crime, etc
  • Perform detailed forensic analysis of assets, including logs, malware samples, hard drive images, etc
  • Reconstruct events of a compromise by creating a timeline via correlation of forensic data
  • Malware analysis and other attack analysis to extract indicators of compromise
  • Reviewing audit trails for unauthorized access attempts or other information security violations
  • Conduct root cause analysis to identify gaps and recommendations ultimately remediating risks
  • Demonstrated continued independent involvement within cyber security-specific communities at any scale (e.g., groups, organizations, conferences) or equivalent activity that seeks to maintain small and large scale awareness of major security topics and events (Globally) preferred
  • Demonstrated exceptional passion and drive for cyber security as evidenced by self-driven past accomplishments that had significant positive impact to shareholders preferred
  • Strong host and network based forensics skills
  • Experience conducting detailed log analysis and correlation
  • Hands on Malware analysis experience – dynamic and static
  • Good understanding of SIEMs and similar technologies
  • Knowledge of industry good practice for foundational security elements including network device and system-level hardening
  • Ability to assess security incidents quickly and effectively and communicate a course of action to respond to the security incident while mitigating risk and limiting the operational and reputational impact
141

Senior Security Analyst Resume Examples & Samples

  • Identify new security protection technologies to enhance business services. Perform technology research, hands-on evaluation, and provide technical summary of the solution based on business use cases
  • Supports the design, implementation, operation and maintenance of security applications and tools based upon the established security architecture
  • Assists in the identification of potential security exposures that currently exist or may pose potential threats to Deloitte’s networks or systems. Notifies leader of potential or existing threats and assists in the development of risk mitigating strategies
  • Assist in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security control procedures, and security auditing procedures)
  • Monitors security blogs, articles, and reports to remain up to date on the latest security risks, threats, and technology trends to incorporate information into processes, procedures, and communication activities
  • Assist with the development, deployment and support of Data Protection solutions
  • Assists with development and communication of information protection guidelines and requirements
  • Provides project support for security functions. This includes assisting with security design and preparing security documentation for internal process as well as internal/external audits and assessments
  • May vary by specialization but may include understanding of project management, application security concepts, data protection, and mobility security integration
142

Senior Security Analyst Resume Examples & Samples

  • Install and maintain SIEM, IPS, DLP and APT tools like QRadar, Cisco Sourcefire, Symantec, FireEye, Bluecoat, etc
  • DLP (Data Loss Prevention) – Has to be comfortable with the technology concepts and deployment capabilities
  • Develop and maintain documentation for security systems and procedures
  • Research, recommend, evaluate and implement information security solutions that identify and/or protect against potential threats, and respond to security violations
  • 6+ system security and testing experience
  • CISSP, SSCP, Offensive Security, CPT, and/or CEH certifications a plus
  • Experience with a broad range of security technologies, including NextGen Firewalls, DLP, NAC, IDS/IPS, IdAM, Certificate Management, SIEM, Endpoint Protection, Anti-malware, vulnerability management
  • Cloud Security and experience with tools used for AWS security is a plus
  • CISSP or other security certification
143

Senior Security Analyst Resume Examples & Samples

  • Perform security master setup and maintain overall security master data quality
  • Accountable for ensuring data integrity for all portfolio securities
  • Oversee relationships with data vendors, escalating issues with service level agreements and data quality
  • Run daily fixed income and derivative pricing processes to ensure accurate portfolio valuations and congruence with various pricing sources
  • Investigate and resolve all data anomalies that would contribute to any valuation errors
  • Validate daily automated pricing across all asset classes. Investigate and remediate any stale or missing data points
  • Set tolerance thresholds to be used for daily evaluation of data health and quality checks
  • Serve as primary point of contact for portfolio managers, custodian and other related parties for all matters related to security setup, pricing and valuation
  • Provide strategic guidance and oversight of all initiatives aimed at improving the internal pricing processes
  • BA/BS with concentration in Finance, Accounting, Economics, Mathematics, Statistics, Computer Science, or related fields
  • 5+ years of experience in investment management operations, with focus on fixed income and derivative pricing and cash flow modeling
  • Proficiency with BlackRock Aladdin is required
  • Demonstrated experience with finance and accounting principles
  • Demonstrates knowledge of the creation, organization, and retention of transaction documentation
  • Strong quantitative and computational skills
  • Experience with electronic fixed income trading systems a major plus
  • Team oriented individual
  • Excellent communication and organizational skills required
  • Exceptional ability to manage tight timelines
  • Ownership and accountability for deliverables
  • Accomplish goals and objectives
  • Results and detail oriented
  • Ability to multi-task and execute under pressure
  • Internally driven and self-motivated
  • Intellectual curiosity, forward-thinking
144

Senior Security Analyst Resume Examples & Samples

  • Keeps current on security risks and trends
  • Architects Firewall & IDS/IPS deployment designs
  • Identifies possible risk points and recommends solutions
  • Does Add/Remove and modifications of Firewalls
  • Does Add/Remove and modifications of VPN Tunnels
  • Does Add/Remove and modifications of IDS/IPS functions
  • Analyze, troubleshoot, and investigate security related, information systems’ anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts
  • Provide off-hours support on an infrequent but as-needed basis
  • Should have either vendor or industry standard IT Security certification(s)
  • Assist the development of security tool requirements, trials, and evaluations, as well as security operations procedures and processes
  • Provide support for the Incident handlers as needed in response to information security related events
  • Can do packet captures as required and understands results
  • Must have thorough TCP/IP understanding
  • Has hands-on experience with network gear (Switches & Routers)
  • Understands routing protocols
  • Has working knowledge of modern cryptography
145

Senior Security Analyst / FSO Resume Examples & Samples

  • Must possess and maintain a US Government Security Clearance at the Top Secret level or higher
  • Bachelor’s degree; a combination of college and work experience or 3-5 years related Industrial Security experience may be substituted in lieu of degree
  • Must have at least 2 years of experience as a DSS certified Facility Security Officer (FSO)
  • Must hold current FSO certification
  • Must hold current COMSEC Custodian certification
  • Must be experienced with JPAS, Intelligence Community processes and procedures and eQIP
  • Must be knowledgeable of the NISPOM and associated controls/obligations
  • Knowledge of contracts and associated DD254s
  • Demonstrated experience conducting business presentations
  • Must have excellent communication skills both oral and written