Security Analyst III
Posted by Rachel Silver
Company Details
Allegheny County
Pittsburgh, PA
FTE only
Description
Under the direction of the Security Manager, the Security Analyst III performs two core functions for the enterprise. The first is the day-to-day operations of in-place network and cloud security solutions, including on-premises systems and cloud security controls. The second is the identification, investigation, and deployment of new network and cloud security solutions. Secondary tasks may include involvement in the implementation of new security solutions across on-premises and cloud environments, and participation in the creation and/or maintenance of policies, standards, baselines, guidelines, and procedures.
Duties:
Strategy & Planning
Leads the planning and design of enterprise security architecture. Conducts third-party security reviews. Participates in the creation of enterprise security policies, standards, baselines, guidelines, and procedures. Evaluates cloud security posture and contributes to the development of cloud security strategy aligned with organizational risk tolerance.
Acquisition & Deployment
Maintains up-to-date detailed knowledge of the IT security industry, including awareness of new or revised network and cloud security solutions, improved security processes, and the development of new attacks and threat vectors. Recommends additional network and cloud security solutions or enhancements to existing network security solutions to improve overall enterprise security. Performs the deployment, integration, and initial configuration of all new network security solutions and of any enhancements to existing network and cloud security solutions in accordance with standard best operating procedures and the enterprise’s security documents.
Operational Management
Maintains operational configurations of all in-place network and cloud security solutions. Monitors all in-place security solutions for efficient and appropriate operations. Reviews alerts from security solutions and network monitoring systems and interprets the implications of that activity, devising plans for appropriate resolution. Collaborates with the appropriate vendors or internal teams to facilitate security audits and investigations into problematic activity. Resolves any discovered network security problems. Performs other duties as required or assigned.
Knowledge, Skills, and Abilities
Knowledge of:
Firewall rule components and construction. IP, TCP, UDP, IPSEC, HTTP and HTTPS. Static and dynamic routing including BGP. PKI, encryption, and authentication protocols. Cloud security concepts including the shared responsibility model, cloud IAM, network segmentation in cloud environments, and data protection in cloud storage. Zero Trust security principles and their application in hybrid cloud environments.
Skill in:
Microsoft Office products. Firewall rule management. Incident Response. Security tool enhancement such as SIEM tuning. Azure Security Concepts and Administration.
Ability to:
Communicate effectively orally and in writing. Conduct research into IT security issues and products as required. Present ideas in business-friendly and user-friendly language. Demonstrate analytical and problem-solving abilities. Prioritize effectively. Be self-motivated and self-directed. Be team-oriented and skilled working within a collaborative environment. Express keen attention to detail. Travel within Allegheny County as required. Work a 40-hour on-site work week with occasional off-hours work.