Job Summary:
Reporting to the Manager IT Security, the IT Security Analyst has a mission to respond to security events and incidents, as well as to prevent attacks and threats to company assets and resources.
As the Security Analyst, you must possess and develop foundational knowledge of various attack vectors and threats. A key component for the analyst is to create documentation and procedures in the form of incident reports, lessons learned, executive summaries, KPIs, and awareness training that will help the organization address risks and defend against all forms of threats and attacks.
Main Duties and Responsibilities:
- Analyze events that are triggered due to security threats or incidents.
- Develop and prepare reports regarding security events.
- Review security alerts from internal and external sources then determine the organizational impact.
- Analyze suspicious emails, and phishing attempts, and make determinations on required actions (i.e. mail gateway black listing or other security actions).
- Manage security-related tickets within the ticketing system to meet time-sensitive requirements.
- Prepare the initial steps to enact a computer emergency response team (CERT) for critical or severe cases.
- Monitor the Security Information and Event Management (SIEM) for security incidents and other security-related concerns.
- Perform installation of security agents on servers /workstations and troubleshoot.
- Monitor System and User behaviour to quickly identify security-driven events with the least amount of time-lapse.
- Ensures the vulnerability scanner(s) are operating to scan systems for potential security vulnerabilities and works with the responsible teams to mitigate issues.
- Threat hunting, looking for indicators of compromise and possible attacks against the company.
- Participate as a Subject Matter Expert (SME) on roadmaps from lessons learned based on security incidents.
- Review Security Configuration Baselines for both Operating Systems and Applications to ensure a defense in-depth model can be maintained within the organization.
- Plays an integral part in the security tool tuning and verification process as an SME to improve the Security and Event Monitoring (i.e. limiting false positives, low-impact incidents or other related focuses).
Qualifications
- Deep understanding of the market landscape for enterprise technology solutions.
- Thrives on change, showing an impressive ability to drive the IT security strategy forward.
- Expert, high-level knowledge of legacy and emerging technology landscape.
- Understanding of key infrastructure technologies and associated architectural considerations.
Education:
- Bachelor’s degree or an equivalent combination of education and experience is required.
Work Experience:
- 3+ years of experience in delivering or managing information security services at an enterprise level.
- Technical experience across security domains.
- Experience in planning, implementing, and assisting in the testing of security controls.
- Effective organizational skills (including attention to detail) and the ability to implement change.
Technical Skills:
- Experience and deep knowledge of relevant legal and regulatory requirements, such as Export Control regulations and General Data Protection Regulation (GDPR).
- Strong knowledge and understanding of security frameworks, including ISO27001, CoBIT, Center for Internet Security (CIS) and ITIL.
- CISSP, CISSP-ISSAP, CISM desired.
Language / Communication Skills:
- Excellent communication skills including strong verbal presentation skills.
- Ability to communicate security concepts to technical and non-technical audience and able to interact with all levels of the organization.
- Exhibits self-motivation to perform to the highest standard of excellence.
Please submit applications in English. Please include your salary expectations within your CV.
Job Dimensions
Geographic Responsibility: Global
Type of Employment: Full-time
Travel %: 0%
Internal Relationships: Peers, and business customers
External Relationships: Vendors, technology consultants
Budget / Revenue Responsibility: 0
Organization Structure
Direct Line Manager (Title): Manager, IT Security
Number of Direct Reports: 10
Estimated Total Size of Team: 5
gategroup Competencies Required to be Successful in the Job:
- Thinking – Information Search and analysis & problem resolution skills
- Engaging – Understanding others, Team Leadership and Developing People
- Inspiring – Influencing and building relationships, Motivating and Inspiring, Communicating effectively
- Achieving – Delivering business results under pressure, Championing Performance Improvement and Customer Focus
Demonstrated Values to be Successful in the Position
Employees at gategroup are expected to live our Values of Excellence, Integrity, Passion and Accountability. To demonstrate these Values, we expect to observe the following from everyone:
- We treat each other with respect, and we act withintegrity
- We communicate and keep each other informed
- We put our heads together to problem solve and deliverexcellenceas a team
- We have passion for our work, and we pay attention to the little details
- We foster an environment of accountability, take responsibility for our actions and learn from our mistakes
- We do what we say we will do, when we say we are going to do it
- We care about our coworkers, always taking an opportunity to make someone’s day better
The above statements are intended to describe the general nature and level of the job being
performed by the individual(s) assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required. gategroup reserves the right to modify, add, or remove duties and to assign other duties as necessary. In addition, reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position. Candidates may be required to go through pre-employment drug screen, criminal check and/or airport fingerprinting.
gategroup – an equal opportunity employer. We are committed to workforce diversity and actively encourage all qualified persons to seek employment with us, including, but not limited to, racial and ethnic minorities, women, veterans and persons with disabilities.