Job Title

IA-SoS- TS2-Information Security Analyst (605603)

Share This Job
Required Skills:

Job Description

Responsibilities include:
– Review vulnerability scan results and make recommendations to mitigate risk.
– Review system logs to determine information security risks and make recommendations to remediate.
– Review risk assessments and recommend changes in policy or procedure to improve compliance to security controls and/or security best practices.
– Facilitate completion of risk mitigation tasks by working with vendors and in-house staff. In some cases, conduct the risk mitigation task directly.
– Be familiar with security controls (CIS, for example) and analyze possible gaps in controls in SOS environment.
– Review daily information security news/alerts and understand how new vulnerabilities may affect SOS infrastructure.
– Lead person to conduct PCI compliance self-assessment questionnaire (in collaboration with other staff).
– Provide regular “information security training tips” to SOS staff that is relevant to current events and risk mitigation.
– Facilitate communication between SOS IT Staff and security vendors.

Daily review of security logs
• Ability to use a SIEM products/security dashboards to view and analyze data
• Ability to interpret log data to determine risk
• Ability to plan/facilitate/perform mitigation tasks

Review security risk assessments and plan/execute mitigation tasks
• Ability to prioritize mitigation tasks identified in risk assessment documentation
• Ability to plan/facilitate/perform mitigation tasks

Review security vulnerability scans
• Ability to prioritize remediation tasks identified in vulnerability scans
• Ability to show risks are remediated
• Ability to plan/facilitate/perform remediation tasks

Keep informed on daily security news and vulnerabilities
• Ability to understand how new vulnerabilities may affect SOS environment
• Prioritize/Facilitate/Plan remediation of new vulnerabilities that affect SOS environment

Security Controls
• Review security controls and analyze possible gaps in SOS environment
• Prioritize/Facilitate/Plan mitigation of security control gaps

• Lead staff person overseeing PCI compliance
• Responsible for PCI SAQ
• Responsible for tracking quarterly PCI vulnerability assessments
o Schedule, review, remediate issues

Information Security training
• Provide regular email/blog “security tips” so staff to improve their information security understanding and awareness
• Provide short presentations on information security topics as requested for division/department meetings

Other duties
• Work with leadership, technical staff to plan/execute proactive security plans
• Point of contact for SOS in working with firewall vendor
o Facilitate firewall upgrades
o Facilitate firewall reviews (IPS follow ups)
o Review firewall logs
• Review/Comment on security policy implementation

Tags: aircraft, engineer, services, technical, Work with leadership

Join Our Free Newsletter

Subscribe to our newsletter, Stay in the know about all Emaculate Solutions has to offer.

Have a Question?

We are here to help. Email us or call + 800-995-6573
Contact Us