Reporting to the Director, Information Security & SaaS Operations, the Cyber Security Analyst will be responsible for preventing, detecting and responding to cyber threats to Virgin Pulse systems and networks. The role will be focused on preventing, identifying and remediating weaknesses and vulnerabilities across our technical infrastructure and applications.
- Minimum 7 years experience with MS Windows and Linux operating systems.
- Minimum 5 years experience working with DNS, routing, authentication, VPN, proxy and DDOS mitigation technologies.
- Experience working within SaaS / PaaS environments (AWS, Azure or similar).
- Minimum 2 years experience coordinating, reporting on and remediating network, web and mobile application pen tests.
- Experience in network monitoring, packet capture analysis and network troubleshooting.
- Exposure to incident response including forensics and event review.
- Experience working in fast paced, team-oriented and collaborative environments in a SaaS organization.
- Demonstrated ability to serve as a “hands-on” lead for technical security aspects of information security programs.
- Hands-on experience with common security tools such as IDS/IPS, Network and Host-based firewalls, DLP, Metasploit and Nexpose.
- Knowledge of programming languages and command shell scripting.
- Must understand Information Security including security threats, vulnerabilities, attacks, responsible groups, motivations and techniques.
- Maintain security for enterprise systems and identify issues that could compromise confidentiality, integrity or availability of data across the enterprise.
- Work within the security alerts ticketing system, ensuring alerts are triaged or escalated within the appropriate timeline.
- Coordinate and perform vulnerability and penetration testing of web, mobile apps and networks, working with engineering teams to plan and document remediation activity.
- Anticipate security alerts, incidents and disasters and recommend, plan and implement controls to reduce likelihood.
- Recommend and install appropriate tools and countermeasures.
- Contribute to the design, development and implementation of new analytic methods for detecting threats.
- Verify that application software/network/system security controls are implemented as stated, document deviations, and recommend required actions to correct those deviations.
- Manage and administer updates to rules and signatures within security applications.
- Lead and participate in risk and vulnerability scanning, log file analysis and correlation and audits, reporting findings clearly in relation to implications for existing infrastructure and applications.
- Serve as a member of the CIRT as SME for investigation, escalation, and coordination of information security incidents, including planning, designing and testing procedures.
- Provide Information Security guidance to project teams across the business for requests from internal users, vendors and clients, serving as SME for projects requiring security risk assessments.
- Remain up to date with advances in cyber security technology.
- Work with Information Security Analysts to develop metrics to benchmark security tool performance to identify trends and recommend improvements where required.
- Work with IT Ops and DevOps teams to troubleshoot issues with existing security and privacy protection protocols.
- Develop positive working relationships with business and technical functions involved in security and privacy matters.
- Carry out any supplementary tasks, as needed to support the broader Technical Operations function.
Competencies and Characteristics
- Ability to build relationships and communicate effectively with peers within differing organizational functions.
- Ability to prioritize and execute tasks in a high-pressure environment and take direct instruction during emergency situations.
- Excellent written and verbal communication skills.
- Analytical thought process.
- Ability to learn systems and processes quickly.
- Strong project management skills and ability to engage in multiple initiatives simultaneously.
- A self-starter, with excellent time management skills and the ability to prioritize work in a dynamic environment.
- Ability and maturity to excel in an environment where a certain degree of creativity and latitude is expected.
- Certifications such as Certified Ethical Hacker, CompTIA Security+ or GIAC GSEC, GCIH, GCIA desirable.
- Ensure system and data security is maintained at a high standard, ensuring the confidentiality, integrity and availability of the Virgin Pulse information assets, systems and networks is not compromised.
- Ensure industry best-practice information security and privacy standards and the high-level information security objectives are adhered to and achieved.
- CISM / CISSP or similar certification is desirable but not essential.
General office environment in which work is usually performed in a sitting position and may require stooping, kneeling, reaching, lifting and carrying.
- On-call availability for any critical information security incidents
- Sitting for extended periods of time.
- Dexterity of hands and fingers to operate a computer keyboard, mouse, power tools, and to handle other computer components.