Information Security Analyst Role Description

Scientific > Information Security Analyst

Low	Medium	High
82230.0000	92880.0000	105550.0000

Candidate Supply: 5,178 Job Openings: 1,717

0 50 100

More Difficult Less Difficult

Enter City, State to view local salaries and candidate demand.

Provide guidance and expertise in risk management regarding the protection and security of digital assets in the cloud and on-premise.
Design and develop Information Security Architectures to prevent unauthorized access to our information and data breaches.
Develop and implement information security policies and procedures; develops security guidelines and safe practices for Funds'-wide computing and networking systems and maintain the documentation.
Manage, maintain, and monitor security technologies such as vulnerability scanning solutions, IDS/IPS, anti-virus technologies, DLP capabilities, SIEM technologies, host forensics, malware analysis, web application firewalls, and proxy solutions.
Manage real-time threat detention technologies to identify and quarantine threats, Monitor Endpoint Security Alerts, and take corrective action.
Minimize security threats by examining governance, technology infrastructure, and facilities to identify security deficiencies, use risk analysis, and follow up with a corrective action plan.
Monitor internal control systems to ensure appropriate access levels are maintained and protect against unauthorized system access, modification, and destruction.
Review security-related reports, logs, and occurrences; escalate issues and initiate security response procedures.
Create and review vulnerability reports, track compliance with vulnerability management policies, and escalate.

Education: Bachelor's degree, preferably with a solid academic record.
Experience: Extensive knowledge of current security threats, techniques, and landscape. Strong understanding of internal control concepts and policies. Strong knowledge of Incident Analysis and Response concepts and techniques
Network Experience: Working knowledge of IT infrastructure, including network devices and architecture, TCP/IP, network protocols, server operating systems, vulnerability scanning, endpoint protection, intrusion detection, firewalls, and content filtering.
Miscellaneous: Knowledge of MFA, PKI, Palo Alto, Cisco ASA, IDS/IPS, KiWi, SolarWinds, Nessus, Windows, Linux/Unix, VMware, IDS/IP, forensic discovery, Certificate Authority (CA), PKI, Kerberos, SSL, HTTPS, LDAP, Active Directory, Group Policy, DNS, NTFS, SharePoint, Remote Access, Citrix, VDI, ACLs, etc. Various social engineering and penetration testing approaches/tools for vulnerability identification, enumeration, and exploitation to determine security networks, systems, and application security configuration

Education: Most of these occupations require a four-year bachelor's degree, but some do not.
Related Experience: A considerable amount of work-related skill, knowledge, or experience is needed for these occupations. For example, an accountant must complete four years of college and work for several years in accounting to be considered qualified.
Job Training: Employees in these occupations usually need several years of work-related experience, on-the-job training, or vocational training.
Job Zone Examples: Many of these occupations involve coordinating, supervising, managing, or training others. Examples include real estate brokers, sales managers, database administrators, graphic designers, conservation scientists, art directors, and cost estimators.