Enterprise Security Analyst I
Requisition ID: 2021-17473
Enterprise Security Analyst I
The Boyd Group (Gerber Collision & Glass' parent company) is looking for an Enterprise Security Analyst I to design, implement, maintain, and support our security program and security systems. You will be a part of the Enterprise Security Team that is responsible for designing and developing scalable, maintainable, and highly available cybersecurity environment across applications, cloud services and infrastructure. In this position you will be an integral part of advancing the company’s Enterprise Security Program.
- Execute projects related to information security compliance, risk management, third party risk, privacy support, policy evolution, and security awareness support
- Remediate processes and procedures to report, identify, and prioritize risk remediation and ensure ownership and prioritization
- Monitoring of security access to critical systems
- Working with the Security Operations Center to respond to security alerts from critical systems and services
- Provide technical support in reviewing the the risks, alerts, and monitoring of log aggregators, Anti-virus servers, DNS security, email security, and other security services
- Help the organization to understand, categorize and prioritize security risks
- Identify areas of risk through gathering facts and partnering with other experts across the company, escalating issues, risks, and problems to leadership as needed and as appropriate
- Develop and maintain risk register contents and underlying workflows to track identified risks, risk owners and action plans for risk remediation
- Execute risk and compliance assessments, evidence gathering, controls testing, and craft risk memos
- Investigate security breaches and other cybersecurity related incidents
- Engage control owners and key stakeholders across the organization to collect and test evidence and assess compliance to various compliance requirements
- Work directly with the Manager, Enterprise Security to review and audit work.
- Configure and monitor alerting services
- Ensure vendor and employee adherence to standards
- Provide support, documentation, and guidance to vendors to ensure they are meeting their goals
- Indirectly manage the work of vendors to ensure proper quality and timeliness of work
- Assist in performing third party risk reviews of key partners and suppliers
- Proactively stay informed of industry and media research to keep current of the latest security issues, threats, and technical capabilities
- Contribute to Information Security Awareness efforts
- Demonstrate confident execution of industry frameworks for information security and privacy initiatives
- Ability to handle multiple complex projects simultaneous with overlapping deadlines
- Ability to perform patching on some systems as required.
- Work within a change control environment to effectively communicate, document, and implement change
- Take the necessary actions to meet daily/weekly/monthly goals and objectives
- Effectively communicate to all peers and supervisor
- Gerber Collision & Glass offers Medical, Dental, Vision, Short & Long Term Disability coverage, 401k with an anticipated employer match, life insurance, and Flexible Spending Accounts.
Background Profile or General Requirements:
- High School Diploma/GED and 2-5 years related work experience required
- Bachelor’s Degree in Computer Science or a related field preferred
- Security+ or related security certifications are highly preferred
- Penetration Testing experience is a plus
- Understanding of information security concepts, protocols, "industry best practices," strategies and ability to advise on process improvements
- Familiarity of a broad range of technical concepts: logical access control, network security, encryption, application security, and privacy
- Familiarity with security software products and audit tools used in distributed computing environments
- Knowledge of how to implement application-level security controls and mechanisms
- Understanding of various logging methods and security event terminology
- Familiarity with compliance frameworks such as CIS, NIST, PCI, CCPA, ISO 27001/2, SOC 2
- Experience reviewing Risk/Threat/Vulnerability assessments
- Experience working with internal and external audit groups to ensure compliance with appropriate regulations and data protection directives
- Familiar with Microsoft systems and associated vulnerabilities
- Understanding of patch management and while understanding business impacts
- Foundational understanding of networking, lateral movement through networks, and escalation of privileges in systems.
- Understanding of cloud and virtual environments as it pertains to cybersecurity such as Microsoft Azure and Amazon AWS, VMware, etc.
- Easily adaptable to a fast-paced environment
- Good decision making ability; sound judgment
- Good oral and written communication skills
Valuable savings and special offers on our auto body and auto glass services. Take advantage of these valuable savings exclusively available at Boyd Autobody & Glass.
We proudly stand behind our repair work for as long as you own your vehicle. Learn more about our Lifetime Guarantee.