Share this Job

IT Information Security Analyst

Date: Sep 14, 2021

Location: Birmingham, AL, US, 35222

Company: Birmingham Water Works

Job Title:  IT Information Security Analyst                                                 Department: Information Technology

                    

Reporting Relationship:  IT Manager                                                           Exempt Status:  Exempt

Grade:  45

 

General Responsibilities:

 

Maintains a constant focus on detecting and preventing cyber threats to the company computing environment. Seeks to identify weaknesses of the company computing infrastructure (software, hardware, networks) and find creative ways to protect it. Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information.  May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. Work closely with IT department staff, guidance from the Senior IT Information Security Analyst and the IT Department Manager. Serve as an internal company lead for responding to business impacting computer security breaches and viruses.

 

Essential Job Functions:

 

  1. Develop plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.
  2. Review violations of computer security procedures and discuss procedures with violators to ensure violations are not repeated.
  3. Implement, assess and monitor security controls and conduct risk assessments to include: configuration change, security impact analysis, vulnerability audits and security configuration checks.
  4. Plan, implement, and upgrade security measures/controls
  5. Establish plans and protocols to protect digital files and information systems against unauthorized access, modification and/or destruction
  6. Maintain data, monitor security access, perform diagnostics for security problems and identify/mitigate security risks
  7. Perform vulnerability testing, risk analyses and security assessments
  8. Perform risk assessments and execute tests of data processing system to ensure functioning of data processing activities and security measures.
  9. Conduct internal security audits
  10. Anticipate security alerts, incidents, and disasters and reduce their likelihood
  11. Collaborate technically with infrastructure team to manage network, intrusion detection, prevention systems and encryption measures
  12. Analyze security breaches to determine root cause
  13. Recommend and install appropriate tools and countermeasures
  14. Define, implement and maintain corporate security policies and procedures
  15. Collaborate with the appropriate BWWB areas to train fellow employees in security awareness and procedures
  16. Maintain professional relationship with vendors

 

 

MINIMUM QUALIFICATIONS

Education:

 

Bachelor’s degree in Information Technology, Computer Science, Cyber Security or a related technical field.  

 

 

Experience:

 

Three to five years of experience specifically in a security analyst job for computing infrastructure environment for a medium to large size company.

 

Key areas of experience expected for this position:

  1. Penetration testing and vulnerability testing & remediation
  2. Anti-virus and anti-malware
  3. TCP/IP, computer networking, routing and switching
  4. Firewalls, proxies, IDS, IPS, and security appliances
  5. Windows, UNIX and Linux operating systems
  6. Network protocols and packet analysis tools
  7. Comprehension of development & scripting languages (C#, VB, Python, C, .NET)
  8. Cloud computing and Cloud Security
  9. Security Information and Event Management (SIEM), Log analysis, Event collection & correlation
  10. Incident response and handling
  11. Policy and Procedure writing
  12. Experience in regulations or compliance with HIPAA and PCI
  13. Knowledge in Information Security Framework (NIST, COBIT)

 

Supervision:

NONE

 

Certificates, Licenses, Registrations

 

In combination with required work experience, one or the following certifications are required, and others are highly preferred:

  • CCNA
  • Security Plus
  • CEH Certified Ethical Hacker
  • ECSA EC-Council Certified Security Analyst
  • GSEC / GCIH / GCIA GIAC Security Certifications
  • CISSP Certified Information Systems Security Professional

 

 

Design

  • Generates creative solutions;
  • Translates concepts and information into images;
  • Uses feedback to modify designs;
  • Applies design principles; Demonstrates attention to detail.

Strategic Thinking

  • Develops strategies to achieve organizational goals;
  • Understands organization's strengths & weaknesses;
  • Analyzes market and competition;
  • Identifies external threats and opportunities;
  • Adapts strategy to changing conditions.

Quality

  • Demonstrates accuracy and thoroughness;
  • Looks for ways to improve and promote quality;
  • Applies feedback to improve performance;
  • Monitors own work to ensure quality.

Judgment

  • Displays willingness to make decisions;
  • Exhibits sound and accurate judgment;
  • Supports and explains reasoning for decisions;
  • Includes appropriate people in decision-making process;
  • Makes timely decisions.

Planning/Organizing

  • Prioritizes and plans work activities;
  • Uses time efficiently;
  • Plans for additional resources;
  • Sets goals and objectives;
  • Organizes or schedules other people and their tasks;
  •  Develops realistic action plans.

Professionalism

  • Approaches others in a tactful manner;
  •  Reacts well under pressure;
  • Treats others with respect and consideration regardless of their status or position;
  •  Accepts responsibility for own actions;

 

 

Physical Demands:

 

Ability to stand, sit or walk for extended periods of time

Ability to stoop, kneel, crouch or crawl

Reaching by extending hand(s) or arm(s) in any direction

Finger dexterity required by manipulating objects with fingers rather that whole hand(s) or arm(s), for example, using a keyboard

Communications skills using the spoken word

Ability to see within normal parameters

Ability to hear within normal range

Ability to move about

Ability to lift up to 50 pounds

Overtime often required

Rotating shift work

 

Working Environment:

 

                        Quiet, professional office

Periodic exposer to cold temperature in data center.


Nearest Major Market: Birmingham