Cyber Security Principal Analyst IV

Cyber Security Principal Analyst

Performs two core functions for the enterprise. The first is the day-to-day operations of the in-place security solutions while the second is the identification, investigation, and resolution of security breaches detected by those systems. Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments.

The Cyber Security Principal Analyst IV will bridge the gap between IT, Information Security, and the business in the EMEA region with respect to analyzing the security of the organization. They will engage with business leaders and users to understand the security impacts to the organization of changes to process, products, and services.

Duties and Responsibilities:

Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).

Maintain operational configurations of all in-place security solutions as per the established baselines.

Monitor all in-place security solutions for efficient and appropriate operations.

Performs advanced analysis of logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.

Leads in investigations into problematic activity.

Leads design and execution of vulnerability assessments, penetration tests and security audits.

Provide on-call support for end users for all in-place security solutions.

Participate in the planning and design of enterprise security architecture, under the direction of the IT Security Manager, where appropriate.

Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the IT Security Manager, where appropriate.

Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.

Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.

Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.

Requirements:

Bachelor's degree in IT, related technical discipline, or equivalent. Master’s degree preferred.

Minimum of 8 years of IT work experience and a minimum of 7 years of relevant technical experience.

Certifications related to specific in technical area of competency preferred. (For example, CCNP, MCSA, MCSD, CISSP, GSEC, GCIH, etc.).

Knowledge base acquired from experience in various relevant areas.

Fully proficient in applying established standards in focus and adjacent technical areas.

Ability to define highly complex and specialized projects, perform analysis, and make sound decisions.

Capable of managing varied assignments and work independently as well as instruct and coach other professionals.

Strong communication skills with all levels of the business (from User to Executives levels) and the ability to leverage knowledge of the appropriate approach and degree of detail for each.

Strong Practical fundamental knowledge of IT and Information Security principles and techniques, business unit products and services, industry standards and government regulations. Requires use of advanced techniques, procedures and criteria used for carrying out a sequence of discipline tasks.