IT Security Analyst

The IT Security Analyst will be responsible to monitor and detect risks to the organization, identify sources and methods of attack, locate and preserve electronic evidence as needed. The candidate should have the skill set to analyze, recommend, develop, implement and maintain systems and processes that protect business and client information. Responsibility can consist of performing risk assessment, security analysis, and developing remediation plans. Able to work with little supervision while supporting security programs as part of the security response team. Good written communication skills required as person will be responsible for preparation of formal reports. 

This position will be based our of Epson Portland, with a hybrid schedule.  At Epson, our hybrid schedule is only 6 days per month.  This allows you to work remotely the majority of the time if you prefer.

Summary of Duties:

• IT Security Administration: Primary goal is to reduce downtime and maintain the capacity for future growth due to security issues within Systems and Networks.
• Ensures that processes, standards, policies and procedures is align with IT standards and overall security.
• Documentation: Create and maintain comprehensive documentation for all implemented security systems/networks and update for each systems/network changes.
• Engage in projects related to information security
• Provide assistance in the implementation, maintenance, and monitoring of the information security program into in-scope operational areas (gap analysis, risk assessment, third party assessments, procedure/specification development, execution of recurring procedures, incident response)
• Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with industry best practices.  
• Experience working with multiple operating systems, with expert level knowledge of Linux, Windows, and OS X 
• Experience securing and supporting cloud based infrastructures (e.g. Amazon AWS and Google) including being familiar with cloud security automation tools (Cloudwatch, CloudCheckr, Evident.io, Cloud Conformity, or similar tools)
• Support processes to identify security vulnerabilities with networks & systems; provide technical advice & support to ensure vulnerabilities is address promptly.
• Support, implementing and maintaining internal procedures to ensure data security, including incident response handling
• Evaluating and improving the existing internal security framework and compliance within the organization
• Understand current as well as emerging security threats and assist security architecture to mitigate threats where possible.
• Work with owners to collect evidence deliverables on a regularly scheduled basis and maintain the schedule.
• Suggest design enhancement for internal controls, such as segregation of duties, production change management, software management, security, incident handling, and transmission integrity
   

Qualifications

• Minimum 3 to 5 years of experience in information technology security or equivalent combination of education and experience 
• CISSP, CISA or SANS GIAC certification (working towards or achieved certification preferred)
• Understanding of application, network, operating system, and core infrastructure security concepts and concerns
• Knowledge on security monitoring tools such as UTM, IPS, IDS CASB, PAM and other security solutions is preferred
• Understanding of WAN, MPLS, and technologies such as VoIP beneficial
• Working knowledge of common information technology management frameworks such as ISO/IEC 27001, ITIL, COBIT, and NIST
• Must be willing to work outside normal business hours as needed.