IT Cybersecurity Analyst
Overview:
We are looking for an experienced professional to assume the critical role of IT Cybersecurity Analyst within our organization. The ideal candidate will have extensive hands-on experience in cybersecurity tools such as CrowdStrike, Cylance, Tenable, Rapid7, and/or Mimecast. The successful candidate will also have experience working with third-party Managed Security Service Providers (MSSPs). This role will have the responsibility of monitoring the IT operations environment continuously to identify any vulnerabilities, respond to security incidents, and make recommendations for remediation.
Responsibilities:
- Implement, monitor and manage cybersecurity tools including CrowdStrike, Cylance, Tenable, Rapid7, Varonis, and/or Mimecast, to identify and respond to security threats.
- Set up and maintain cybersecurity monitoring operations in partnership with an external Managed Security Services Provider (MSSP), and perform triage to determine scope, urgency, and potential impact of security incidents and/or vulnerabilities.
- Investigate and analyze security incidents, escalating and coordinating response efforts as necessary, and as defined in the Incident Response Plan (IRP).
- Maintain the Incident Response Plan (IRP) and keep it up to date.
- Perform root cause analysis on each security incident and make recommendations to mitigate similar incidents in the future.
- Identify and analyze vulnerabilities and make specific and prioritized recommendations for remediation and mitigation solutions.
- Conduct regular network penetration testing to assess vulnerabilities and recommend security enhancements.
- Proactively search for threats using Computer Network Defense (CND) tools including intrusion detection system alerts, firewall and network traffic logs, and host system logs.
- Implement and manage an enterprise SIEM tool.
- Generate detailed reports on security assessments, incidents, and ongoing security activities, and develop, track, and report on relevant cybersecurity metrics on a regular basis.
- Collaborate with infrastructure, network, applications, integrations, and BI teams to secure system, network, and application architectures.
- Review the cybersecurity program with Governance, Risk and Compliance teams and provide them with requested cybersecurity reports and metrics.
- Make improvements and suggestions to advance the overall security processes in place.
- Develop, implement, and maintain security policies, procedures, and best practices.
- Maintain the internal information security awareness site and ensure that up-to-date and relevant training material and information are available.
- Promote a strong cybersecurity culture within and outside of IT.
- Stay current with the latest cybersecurity trends, threats, and best practices.
Qualifications:
- Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Comprehensive understanding of cybersecurity principles, practices, and technologies.
- Proven experience in a cybersecurity role with tools such as CrowdStrike, Cylance, Tenable, Rapid7, Varonis, and/or Mimecast.
- Hands-on experience with network penetration testing, vulnerability assessments, and remediation strategies.
- Strong knowledge of network protocols, system vulnerabilities, and attack vectors.
- Experience deploying and working with cybersecurity tools in Microsoft Azure and Microsoft 365.
- Experience working with an enterprise SIEM tool.
- Experience analyzing log files and correlating security-related events.
- Demonstrated strategic thinking, problem-solving, and decision-making abilities.
- Excellent communication and interpersonal skills, with the ability to distill complex technical concepts into clear, concise communications.
- Ability to independently prioritize competing initiatives and manage multiple tasks simultaneously in a fast-paced environment.
- Exceptional time management skills.
- Experience working with third-party Managed Security Services Providers (MSSPs) is highly desirable.
- Experience with the NIST Framework is highly desirable.
- Relevant certifications such as CEH, CISSP, OSCP, CISM, CompTIA Security+ or equivalent are highly desirable.
Key Energy Services (Key) is an equal opportunity employer. Key does not discriminate against any applicant or employee based on race, color, religion, sex, sexual orientation, disability, national origin, age, genetic information, military status, status as a Vietnam-era or special disabled veteran, or any other basis protected by federal, state, or local laws.