IT Security Analyst

Under the direction of the IT Security Manager, the IT Security Analyst defends against Information Technology (IT) security/cyber security incidents; and identifies, analyzes, communicates, and contains incidents as they occur for

Chumash Enterprises.

This role and its function are part of the Information Technology shared services model. A Team Member in a shared service structure works within a dedicated business unit (including people, processes, and technologies) that is structured as a centralized point of service and is focused on defined business functions. These units typically serve multiple business groups enterprise wide, and typically have established Service Level Agreements.

• Conducts network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls, and host-based security systems.
• Conducts log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources.
• Deploys cloud-centric detection to detect threats related to cloud environments and services used by the organization.
• Correlates activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous activity.
• Reviews alerts and data from sensors, and documents formal, technical incident reports.
• Works with threat intelligence and/or threat-hunting teams.
• Provides network subscribers with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary.
• Supports the creation of business continuity/disaster recovery plans, including conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies.
• Works with security information and event management (SIEM) to manage/tune the system, create/manage the detection content and actively watch for alerts.
• Correlates network, cloud, and endpoint activity across environments to identify attacks and unauthorized use.
• Researches emerging threats and vulnerabilities to aid in the identification of incidents.
• Provides users with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary.
• Perform security standards testing against computers before implementation to ensure security.
• Upholds a work environment that promotes teamwork, partnership, recognition, mutual respect, and collaboration, while role modeling the company values, behaviors, and culture of One.Team.Chumash.
• Performs other duties as assigned.

• High School diploma or GED certificate.
• Bachelor’s Degree in Computer Science, Information Security, Cyber Security or equivalent work experience.
• Professional security management certification, such as a System Security Certified Professional (SSCP), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or other similar credentials is desired.
• Three years of experience in IT audit, enterprise risk management, penetration tester, red team/incident responder, or as an IT Security Analyst.
• Three years of experience with regulatory compliance and information security management frameworks, such as International Organization for Standardization [IS0] 27000, COBIT, National Institute of Standards and Technology [NIST] 800.
• Advanced computer proficiency utilizing Microsoft applications, e-mail, and internet.
• Willingness to work flexible schedules in a 24/7 work environment.
• Native American hiring preference applies.
• Organizational Awareness: Having and using knowledge of systems, situations, procedures, and culture inside the organization to identify potential problems and opportunities; perceiving the impact and the implications of decisions on other components of the organization.
• Strategic Thinking: Understands and processes complex information and exercises sound judgment, considering the situation, the issues, the key players, and the levels of authority involved. Proposes courses of action that further the objectives, priorities, and vision of the organization.
• Usage of Technical Expertise:
• Oral Communication: Shaping and expressing ideas and information in an effective manner.
• Written Communication: Expressing ideas and opinions clearly in properly structured, well organized, and grammatically correct reports or documents; utilizing language and terminology that is understandable for the reader.
• Accountability: Accepting responsibility that results in anticipation/prevention of problem areas from actions, and problem solving inside and outside the department/organization.