IT Security Operations Analyst
Shaker Heights, OH 44122
Provides application level support and manages vendor relationship for enterprise security applications. Identifies, researches, and resolves technical problems that arise within enterprise security applications.
- Recommends, tests, schedules and implements upgrades and patches that may affect UH as well as the enterprise security applications and the servers they reside on.
- Design and optimize Active Directory components including script generation, evaluation, and organizational adherence to policies
- Coordinate with system and application owners to remediate threat vulnerabilities and develop methods to measure and report on remediation progress.
- Experience developing identity management strategies, architectures and implementation plans
- Hands-on security applications tool management, and security policy administration
- Review IPS and Network Monitoring alerts. Initiate Incident Response Team as needed and coordinate with teams as necessary. Perform forensic research and imaging as needed.
- Monitor security events daily, performing investigations and working with appropriate team members, business teams and Technology teams to develop solutions that address critical security concerns
- Analyze system logs and other event logs to detect nefarious activity
- Research and resolve first tier problems via Service Desk Trouble Tickets.
- Document processes for IT security operations (IDS/IPS, firewall changes and maintenance, etc.)
- Serve as a liaison to IT&S network security, applications support, operations support, new project development teams, as well as its change control committee, etc.
- Track reports, including computer security incidents, and guide the investigation and resolution of such incidents
- Design and implement processes to monitor and manage server security, from file sharing to remote console access to application security.
- Hours commensurate with standard system administration responsibilities including 24 x 7 production support on a rotating basis. Performs occasional night/weekend work as assigned/needed.
- Ability to coordinate, analyze, observe, make decisions, and meet deadlines in a detail-oriented manner. Partner with other teams as needed.
- Contribute to the vision of information security tools and processes with an eye toward the future
- Associate's or Bachelor's degree with a focus in Information Technology preferred.
Credentials, Licensure or Certification (i.e. RN, RRT):
Microsoft (MCP, MCSE), Citrix, CISSP, Cisco, VMware, A+, Security+, or similar preferred but not required.
Experience & Knowledge:
- Five years IT experience and one two year of IT security preferred.
- Prior experience working in a security operations center environment
- Prior experience analyzing security events (IPS, NAC, email security, NGAV, Vulnerability Management, DLP, URL filtering, SIEM)
- Strong analytical, interpersonal and communication skills required to work effectively with IT&S, Law, Compliance, and clients
- Ability to effectively document processes required.
- Must be a self-starter who is inspired by technology, highly organized, and able to work with minimal supervision
- Strong background in maintaining operational computer and network security, scripting languages, and Active Directory.
- Excellent skills with Microsoft Office Suite required.
Special Skills & Tools Knowledge:
- Strong knowledge of Active Directory required.
- Previous experience with Active Directory auditing tools and alerts preferred.
- Experience with scripting languages (e.g. PowerShell, VB, C#) preferred.
- Previous experience with end point protection tools (e.g. Antivirus, Antispam) preferred.
- Previous experience with IPS, network monitoring tools, and FW rule sets preferred
- Previous experience with Web Filtering products preferred.
- Experience with Windows Server and Unix preferred.
- Previous experience with BES and other mobile device management environments preferred.