You are an IT Security Analyst who is excited to use the latest technologies. You thrive in a rapidly changing environment. You are positive, reliable, self-motivated and a team player. You are knowledgeable about IT security, collaborative and results driven. You have effective communication skills and are able to document clearly. You are ready to take on increased responsibility and the next big step in your career.
What You’ll Do:
· Support the ongoing and near real-time monitoring, analyzing, investigating, tracking, and remediating of IT Security events and incidents across the enterprise in an overall effort to minimize the potential for a breach of security and loss of data.
· Monitor IT Security events and reports daily for suspected malicious activities and/or behaviors (servers, security applications and devices, firewalls, antivirus, MDM, IDP/IPS, etc.); investigate, validate, and help mitigate or tune IT Security alerts based on their risk and priorities.
· Support day-to-day IT security operations. Work closely with the other IT teams, Business leaders and the Capri IT Security Team to mitigate IT Security related issues as required.
· Evaluate vulnerability scans to identify weaknesses and potential IT security related threats and/or violations.
· Ensure Capri IT Security policies and procedures are understood and followed by members of IT and Business.
· Help document and maintain security and emergency policies, procedures, and tests.
·
Educate IT and the business around security policies and consults on security issues regarding user built/managed systems.
· Perform Vendor Risk Assessments on new solutions and technologies.
· Collaborate in the review, evaluation and design phases of IT, IT security and data privacy solutions.
· Generate reports and presentations to document and communicate results to peers and team members.
· Provide support during regulatory audits and help respond to regulatory inquiries (MLPS, PIPL, SOX, PCI, etc.)
You will need:
· Knowledge of or experience with industry compliance standards such as MLPS, PIPL, NIST, ISO, SOX, PCI-DSS
· Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)
· Prioritize and execute tasks efficiently, working in a fast-paced environment and managing time effectively.
·
Making appropriate independent decisions, while keeping others appropriately informed.
· Knowledge of penetration testing principles, tools, and techniques
· Support security projects activities and security related events.
We’d Love to See:
· Bachelor’s degree in computer science/information systems/cyber security, or related field or equivalent work experience.
· Knowledge of infrastructure server/networking concepts and fundamentals.
· Preferred certifications include Security+
· Experience with SIEM monitoring systems.
Knowledge
· Ability to define and build documents using MS Office products (Word, Excel, Power Point, Project, Visio).
· Strong communication skills, both oral and written, with the ability to convey clear and concise thoughts and ideas
· Excellent time management skills including the ability to manage multiple tasks at any given time.
· Ability to analyze problems and propose solutions.
· Innovative thinking and vision