OPEN JOB: Information Security Analyst - Danbury, Connecticut - $100,000 to $115,000
Danbury, CT · $100,000 to $115,000
OPEN JOB: Information Security Analyst LOCATION: Danbury, Connecticut
***onsite Monday to Thursday. Fridays are currently remote. SALARY: $100,000 to $115,000 RELOCATION ASSISTANCE AVAILABLE INDUSTRY: Pharmaceutical / Biotech
Ideal Candidate
Implemented information security framework like CIS or NIST
Implemented and managed security measures for information systems to prevent breaches, detect vulnerabilities, and manage risk
POSITION SUMMARY:
The Information Security Analyst is a pivotal, hands-on role. This position is dedicated to ensuring the integrity and security of all data across both on-premises and cloud-based applications. As an on-premises role, the analyst will be actively engaged in resolving technical issues from inception to resolution. A strong technical /infrastructure background is required.
Principal Responsibilities:
Implement and maintain the Center for Internet Security (CIS) Controls framework to maintain robust security protocols and procedures.
Implement and manage security measures for information systems to prevent breaches, detect vulnerabilities, and manage risk.
Conduct regular system audits to ensure compliance with security standards.
Proficiency in AI and its application in data security and protection strategies
Collaborate with IT teams to integrate security practices into the development lifecycle.
Provide training and guidance to IT staff on cybersecurity best practices.
Stay abreast of the latest cybersecurity trends and technologies.
Assist with updating and reviewing SSP (System Security Plan)
Develop controls such as firewalls, business systems, data leakage protection systems, patching, encryption, vulnerability scanning, remediation as well as advises and implements configurations for a variety of security tools.
Evaluate, categorize, and remediate security events and vulnerabilities before they become security incidents.
Identify security gaps discovered through ongoing monitoring of all information security controls and propose enhancements to security controls and implement them fully.
Participates in cybersecurity projects to ensure that the delivery is on-time and adopted to meet the company's information protection requirements.
Maintain relationship with Managed Security Services Provider
Own vulnerability management with categorizing, evaluating risk and implementing the remediation steps to closure.
Patch management for servers and endpoints.
On call rotation for emergency related events due to outages, cyber events, etc.
This is a hands-on, technical role that requires a robust background in infrastructure technologies to assess and deploy solutions.
Education and Experience Qualifications:
BA/BS degree relating to information technology, compliance, information management, infrastructure and/or information security and a minimum of 5 to 7 year's work experience.
Candidates must possess analytical skills, which evolved from training in Cybersecurity, Information Systems, Computer Science, helpdesk/infrastructure, or similar discipline.
Experience managing Rapid7.
Experience managing NextGen AV systems.
Hands on experience running AI models.
Experience with information security framework models such as CIS Framework, NIST, etc., implementing and auditing security measures, security response, and incident management.
Working knowledge of network switches, routers, firewalls and VPN, network security, administration of DLP, antivirus, antimalware, IDSIPS, SIEM, SMTP, Email security, AD, Group Policy, DNS, DHCP, and VLANs.
Knowledgeable in security best practices such as encryption, hashing, vulnerability scans, event log monitoring, intrusion detection and prevention, eDiscovery, and content filtering.
Ability to oversee, resolve, and consistently enhance the vulnerability management program.
Ability to propose and implement solutions for closing identified vulnerabilities.
Knowledge of cloud providers' security (AWS, Google Cloud Platform, or Azure).
Prior experience managing EDR solutions.
Prior experience with SIEM, configuration management, hardening, and vulnerability scanning
Experience with identity access management systems (IAM)
Previous experience in a HIPAA and FDA regulated environment preferred.
If you are interested in pursuing this opportunity, please respond back and include the following:
MS WORD Resume
required compensation.
Contact information.
Availability
Upon receipt, one of our managers will contact you to discuss the position in full detail.