Information Security Analyst, Manasquan, New Jersey

Please note: this is not a remote-based role

PRIMARY PURPOSE

The Information Security Analyst is responsible for assisting with the day-to-day operations of securing the organization’s various information systems. Managing the organization’s IT security and risk, as well as analyzing and identifying security solutions.

• Create and analyze security policies and procedures for the organization.
• Proactively monitor the environment to detect and implement steps to mitigate cyber-attacks before they occur.
• Provides technical expertise regarding security-related concepts to operational teams within the Information Technology Department and the business lines.
• Review, investigate, and respond to real-time alerts within the environment.
• Review real-time and historical reports for security and/or compliance violations.
• Monitor online security-related resources for new and emerging cyber threats.
• Utilization of security tools to validate remediation of vulnerabilities, and further examine the network landscape.
• Assesses new security technologies to determine potential value for the enterprise.
• Conducts vulnerability assessments for all systems and networks.
• Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
• Manage systems owned by the Information Security Team.
• Develops and implements various documentation, procedures, and standards.
• Document internal procedures.
• Light Travel to branch sites may be required.
• Ability and willingness to work a flexible work schedule including in addition to normal business hours in a 24 x 7 support environment.
• Be on call after business hours.
• Other duties as assigned.

• Thorough understanding of Microsoft’s enterprise technology platform, including Azure, Active Directory, SQL, Office365, and the Windows server and desktop operating systems.
• Proficiency in security tools and technologies, including but not limited to:
  • SIEM platforms (e.g., Splunk, SecureWorks Taegis XDR, LogRhythm, QRadar).
  • Antivirus and endpoint security solutions (e.g., McAfee, Crowdstrike, Microsoft Defender).
  • Vulnerability management platforms (e.g., Nessus, Qualys, Rapid7).
  • Network security protocols, including VPN, and SSL/TLS
• Demonstrated expertise in utilizing Kali Linux for vulnerability assessment and security auditing. Ability to effectively leverage various tools within the Kali Linux ecosystem such as Metasploit, Nmap, Wireshark, and Burp Suite.
• Experience with cloud security best practices, including configuration management, data encryption, access controls, and network segmentation in popular cloud platforms such as Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP).
• Strong scripting and programming skills for automating security tasks (e.g., Python, PowerShell).
• Strong writing skills, as well as the ability to articulate security-related concepts to a broad range of technical and non-technical staff.
• Working experience with creating, implementing, and managing a threat hunting program within a corporate environment.
• Demonstrated experience implementing and/or enforcing security and compliance frameworks such as NIST, COBIT, CIS and ISO.
• Be a proficient problem-solver that is able to work autonomously. Excellent interpersonal skills; ability to communicate effectively with all levels of personnel.
• Excellent organizational skills with the ability to prioritize and work effectively on multiple tasks.
• Strong technical aptitude, desire, and initiative.

• 3-6 years of experience in a security analyst or related position.
• Bachelor’s degree preferred in Information Technology and or specific industry related certifications.

WORKING CONDITIONS/PHYSICAL REQUIREMENTS

Office environment. Sitting for long periods of time. Daily use of wrists, hands, and fingers to use computer and telephone. Ability to hear and speak clearly for gathering and giving simple to complex information.

Disclaimer: This information describes the general nature and level of work performed by employees in this job. The description is not designed to be a comprehensive inventory of all duties, responsibilities, and qualifications required of employees in this job. Reasonable accommodation may be made to qualified, disabled individuals for the performance of essential duties and responsibilities.