Senior Information Security Analyst
$100,284 - $141,650/Yr
RTD - Denver, CO
posted 4 days ago
Full-time - Mid Level
Denver, CO
Executive, Legislative, and Other General Government Support
About the position
This position performs cybersecurity threat and vulnerability management in order to protect the organization's digital assets and technology. This includes detecting and responding to cybersecurity attacks and intrusions, performing threat detection, threat hunting, and incident response activities. Additionally, this position will manage the identification and remediation of enterprise system and application vulnerabilities and make recommendations to improve cybersecurity controls.
Responsibilities
- Analyzes and responds to alerts from cybersecurity tools, such as firewalls, security information and event management (SIEM), vulnerability management, end point detection and response (EDR), other security threat data sources and escalations from managed security service providers.
- Performs incident handling and response for alerts determined to be malicious through investigative analysis.
- Conducts threat hunting by analyzing security system logs, security tools, and available data sources to identify attacks and future use cases.
- Conducts risk and vulnerability assessments of new and existing technologies.
- Analyzes, recommends, implements and documents improvements to IT and OT environment to address security gaps and improve cybersecurity technology.
- Installs, administers, and troubleshoots cybersecurity protection and/or detection systems.
- All job-related duties as assigned.
Requirements
- Bachelor's degree in Information Technology, Information Assurance, Business Administration, or Risk Management field of study preferred. Required Bachelor's degree if degree is not related to preferred disciplines.
- ISC2 and/or SANS certifications or similar security, risk, or security management certifications preferred.
- A minimum of five years of experience designing, implementing, or monitoring information security controls.
- A minimum of two years of experience performing incident response and/or forensic investigations.
Nice-to-haves
- Proficiency in a range of computer operating systems, hardware, and software.
- Proficiency in network systems and architecture.
- Proficiency in principles, practices, and tools related to threat detection, event correlation, and logging systems, with substantive experience in threat detection and incident response.
- Proficient with Microsoft Office Suite.
- Ability to communicate effectively, orally and in writing.
- Ability to use sound judgment.
- Ability to manage time and workload effectively which includes planning, organizing, and prioritizing with attention to details.
Benefits
- Diversity, equity, and inclusion in the workplace.
- Reasonable accommodation requests related to employment.
