Description

The Cyber Security Analyst / Specialist is responsible for protecting the organization's computer systems and networks from cyber-attacks, theft, and damage. The Cyber Security Analyst/Specialist will work closely with the organization's IT team and management to implement and maintain security measures, detect, and respond to security threats, and educate employees on safe computer usage practices.

Key Responsibilities:

• Implement and maintain security measures: Implement and maintain security measures, such as firewalls, antivirus software, and encryption, to protect the organization's computer systems and networks.

• Detect and respond to security threats: Monitor the organization's computer systems and networks for security threats and respond to security incidents in a timely and effective manner.

• Educate employees on safe computer usage practices: Educate employees on safe computer usage practices, including the use of strong passwords, avoiding phishing scams, and the importance of reporting security incidents.

• Conduct security audits: Conduct security audits to identify and evaluate the organization's security posture, and recommend improvements as needed.

• Stay current with emerging threats: Stay current with emerging security threats, including new types of malware, phishing scams, and other attack methods.

• Collaborate with IT team: Work closely with the organization's IT team to ensure that security measures are aligned with the organization's technology needs and are effective in protecting the organization's systems and data.

• Communicate security risks to management: Communicate security risks to management and make recommendations for reducing or mitigating these risks.

• Develop security policies and procedures: Develop and maintain security policies and procedures to ensure compliance and the protection of the organization's systems and data.

• Detailed knowledge of National Institute of Standards and Technology (NIST) and Committee on National Security Systems (CNSS) cyber security requirements and guidance, cyber security related risk management techniques

• Bachelor's degree in an IT related subject matter area from an accredited college or university and 7+ years of experience in an IT related position with at least 5 years being in an operational cyber security specific role (e.g., information system security manager, information system security officer, cyber security specialist) or have 10 years of experience in an IT related position with at least 7 of those years in an operational cyber security specific role.

• 5+ years of experience in cyber security, with experience in protecting computer systems and networks from cyber-attacks.

• Strong technical background, with a good understanding of computer systems, networks, and security technologies.

• Excellent analytical skills, with the ability to identify and evaluate security risks and threats.

• Strong problem-solving skills, with the ability to identify and resolve complex security issues.

• Excellent verbal and written communication skills, with the ability to communicate security risks and solutions to both technical and non-technical stakeholders. Experience working with external audit teams is desired.

• Relevant certifications, such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Penetration Tester (CPT), are highly desirable.

• Knowledge of relevant laws and regulations related to cyber security, including data privacy laws, and experience in ensuring compliance with these laws.