Cyber Security Analyst

Company: Ozarks Electric Cooperative

Updated: 9/18/2019


POSITION SUMMARY The cyber security analyst will work with information and operational technology teams to implement, audit, and improve cyber security controls to reduce risk. He or she will use and maintain cyber security tools necessary to ensure the secure operation of the network. He or she will demonstrate comprehensive knowledge of cyber security tools and best practices based on PCI, CIS, NISC security frameworks. REPORTING RELATIONSHIPS Reports to: Cyber Security Architect Supervises: None MAJOR RESPONSIBILITIES Assist with implementing security controls and practices across the company; identify, analyze and mitigate risks as appropriate. Support the delivery of IT security-related reporting and metrics. Assist with analysis, development, and implementation of processes, procedures, and tools to enable continuously auditable compliance with cybersecurity policies and industry best practices. Participate in periodic and on-demand system audits, risk assessments, vulnerability assessments, and third-party security reviews to ensure that business partners, applications, networks, and infrastructure components adhere to security standards and policies. Participate in the creation of information security documents (policies, standards, baselines, and work instructions) Assist in implementation and maintenance of cybersecurity tools. Administer and review security systems such as SIEM, FIM, IDS/IPS, Whitelisting, and Anti-malware. Help conduct investigations into information security incidents, assist in root cause analysis and corrective/preventative actions, and recommend mitigation techniques Perform vulnerability scanning. Analyze and assess vulnerabilities in the infrastructure (software, hardware, networks), investigate and implement countermeasures to resolve or mitigate detected vulnerabilities. Research, test, and recommend information security products based on cost/benefit and risk reduction methodologies. Assist with security awareness and training programs. Develop and manage positive, productive working relationships with internal stakeholders. Knowledge and a basic understanding of Mac, Windows, server and desktop operating systems, Mobile devices (IOS), concepts of LAN/WAN's Research cyber threats to stay aware of emerging threats. Maintain professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; benchmarking state-of-the-art practices; participating in professional societies. Contribute, as a team member, to all other risk, security, and privacy initiatives and services as appropriate. The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be an exhaustive list of all responsibilities. EXTERNAL RELATIONSHIPS Vendors, Consultants, and Technology Companies: To evaluate and implement software/hardware systems, monitoring, and reporting tools. To design and implement methods and procedures for testing, inspecting, monitoring and reporting. To report software malfunction, resolve hardware and software issues, and to stay up-to-date on current technology. To partner with outside consultants, as appropriate, for independent security audits. POSITION REQUIREMENTS Job Knowledge, Training and Education: Bachelor's degree in computer information systems or related technical field and/or five or more years of related work experience and training or an equivalent combination of education and experience is required. Relevant technical training or certifications in compliance, security, analysis, and design highly desired. Knowledge of cyber security principles and best practices. Leadership and project management experience in IT infrastructure areas such as cyber security, servers, or networking is preferred. Equipment Operated: Routine office equipment. Abilities and Skills: Must be able to perform complicated research, reporting, application and process analysis, and querying of data. Strong attention to detail. Impeccable written and verbal communication skills. Problem Solving, Process Improvement, Project Management, and Reporting. Physical Effort: Occasional lifting, up to 30 pounds, required. Normal vision and hearing required. Working Conditions: Work is performed in an office environment with higher and/or longer noise level than average. Weekends, evening hours, overtime and/or overnight travel may occasionally be necessary. OzarksGo, LLC, is an EOE/AA/W/M/VETERAN/Disability employer. For more information, or to apply now, you must go to the website below. Please DO NOT email your resume to us as we only accept applications through our website.