|Company||Midland Credit Management|
|Preferred GIAC Certifications||GISP, GIAC, GSOC, GCDA, GMON|
|Salary||$100-$125k/yr plus bonus|
|Contact Name||Joyce Pead|
The Senior Information Security Analyst guides in the areas of cybersecurity system administration, production support, uptime monitoring, performance and efficiency, as well as analysis of data from these systems and tools. This role, at the senior level, brings a level of integrity and business focus to optimally apply and support multiple technologies focused at the network, system, and application levels of modern computing environments and manage related information security threats. This position additionally will be involved in several different computing environments, including data centers, Microsoft Azure, Amazon Web Services, as well as productivity suites such as Microsoft365.
Perform cybersecurity tool administration and production support of technologies and process used to enable a high degree of cybersecurity efficiency
Participate in technical design reviews, integration, testing, and documentation work
Responsible for technical advisory to peer Information Technology teams
Run vulnerability scanning tools, access administration technologies, intrusion prevention tools, firewalls, anti-malware, end point encryption and detection/response tools, as well as web application firewalls, logging, and security event and incident management technologies
Apply system security administration principles to deliver effective solutions to application, database, operating system, cloud infrastructure, and embedded device administration
Identify threats and develop suitable defense measures, evaluate system changes for security implications, and recommend improvements, research, and draft cyber security process and run books
Configure Windows and Linux host-based security as well as network and cloud-based security systems
Support with the installation and configuration of network security architectures, including firewalls, router ACLs (Access Control Lists), web content filters multi-tier architectures
Observe, analyze, and respond to cybersecurity tooling alerts.
Collaborative analysis and response with internal and external partners, vendors, and contractors.
Research security vulnerabilities and define and implement appropriate countermeasures
Define and analyze critical metrics and KRIs for cybersecurity tooling
Continual optimization of cybersecurity tooling through continuous service improvement process
Assist our Encore entities with achieving and maintaining compliance with various information security frameworks (i.e. NIST Cybersecurity Framework, FFIEC, ISO 27001, etc.) and with industry and government rules and regulations as they relate to IT/security (e.g. SOX, PCI DSS).
Bachelor's Degree in Computer Science, Information Systems, Information Technology, Software Engineering or equivalent experience
5 years plus of Information Security experience
Experience with comparable technology in categories; tool administration, alert triage, and trend analysis
Drive improvement with internal and external partners
Monthly and quarterly calls with vendor on performance and key metrics
Information Security Certification(s) GISP, GIAC, GSOC, GCDA, GMON are preferred.
Multi-national company experience and incident response experience is also preferred.