Cybersecurity Analyst

Essential Functions:

• Develop operational response processes documentation for security operations
• Develop comprehensive and accurate reports and presentations for all levels of the organization
• Effectively communicate findings and strategy to stakeholders including technical staff, executive leadership, and legal counsel
• Recognize and safely utilize attacker tools, tactics, and procedures
• Administer technical security tools for vulnerability management program and provide reports to application owners and
• stakeholders
• Conduct vulnerability scans on a regular cadence and as needed for incident response activities and effectively communicate
• findings
• Maintains the integrity and security of enterprise-wide IT systems and networks
• Analyzes penetration test reports to develop and implement remediation plans with cross-functional teams
• Supports security initiatives through both predictive and reactive analysis
• Actively respond to escalated alerts from MSSP
• Manages business client relationships effectively in order to efficiently resolve reported security incidents
• Manage internal Email Security and mail flows through the 0365 Defender platform for the Enterprise
• Assists in the optimization of enterprise-wide security efforts
• Assist in the management of required network security changes and adhere to the processes and procedures in place for Change Management
• Consistently delivers tasks in support of IT strategies, projects, and initiatives
• Leverages readily available resources to create cost-effective security solutions
• Ensures full network coverage and accurate reporting on all security tools
• Identifies, evaluates, and reports security vulnerabilities to prioritize the mitigation of potential threats and minimize the overall attack surface
• Research emerging cyber security threats and apply necessary countermeasures to maintain a proactive security posture
• The Analyst is a subject matter expert responsible for managing threats, disseminating information, and handling, responding to, and investigating all incident escalations from the ABM Security Operations Center.

Required Qualifications:

Education:

• Bachelor’s degree preferred in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field.

Experience:

• 5 years’ experience in IT and security operations and incident response
• Knowledge of 0365 Defender, Rapid7, VMware, SNOW, Microsoft Sentinel
• Strong understanding of privileged access controls
• Strong understanding of the NIST CSF and required controls
• Technical security certifications or academic background a plus.
• Strong verbal and non-verbal communication skills
• Able to effectively manage simultaneous security initiatives
• Demonstrates collaboration across interfacing teams and functions
• Strong critical thinking and advanced troubleshooting abilities
• Self-starter that can work efficiently both independently and with teams

Licenses:

• Preferable, but not required: SEC+, GCIH