IT Security Analyst

Hewlett Packard Enterprise - Alpharetta, GA

Full-time

Role and Responsibilities

Maintain a thorough understanding of the company’s systems and learn the weaker points of the systems. Recommend ways to improve a system’s security through both hardware and software. Set up countermeasures that protect the systems when an unauthorized user attempts to gain access to the systems. Role requires staying up to date with the latest security standards, systems and authentication protocols, as well as best practice security products.

Main responsibilities:
Reviewing current systems security measures and recommending and implementing enhancements
Review and perform gap analysis of the existing security architecture and make recommendations on improvements
Plan security architecture changes and help create project management recommendations
Perform penetration testing on new and existing application architecture
Keep up-to-date on the latest security standards
Document security procedures for LANs, WANs, and VPNs
Troubleshoot and solve security-related issues when assistance is requested from the technical engineering team
Mitigate damages during a security incident and respond to threats quickly
Designing and implementing security solutions for IT on-premises, co-location, and cloud environments
Extensive implementation experience with securing relevant technologies (such as Networks, LANs and WANs, Servers & Hosting, Virtualization (VMware), Storage, Applications, Identity Management, log management, etc.)
A sound understanding of how to model threats & risks as well as the controls necessary to mitigate them, on both an organizational and technical level
Analyze and triage information and intelligence from multiple threat sources
Participate in the building, testing, and operation of multiple information security systems and tools
Develop, communicate and implement technical security standards for different platforms
Maintain technical security requirements from regulatory bodies such as PCI, SOX, and ISO standards
Flexibility in work schedule with periodic on-call standby rotation

Preferred Experience

Experience in a medium to large enterprise organization
Knowledge of information security principles and practices, including any of the following: security risk assessment standards, risk assessment methodologies, and vulnerability assessment
Certification(s) in the areas of networking, security, VoIP, or Video over IP based technologies
ITIL - Foundation or higher training
ISO 27000 family of certification is preferred
Excellent analytic, organization, presentation, and facilitation skills
Ability to manage multiple tasks under tight deadlines
Demonstrated experience working with technical and non-technical staff
Ability to analyze development and implementation requirements, and make appropriate recommendations based on customer's requests
Experience working with IT governance documentation including identifying gaps between policy/procedure and current practice
Experience working with other teams to create new processes and procedures to meet security and compliance requirements
Experience performing reviews of user access permissions
Experience performing risk assessments to identify and prioritize risk in systems and applications
Experience conducting or responding to IT audits
Flexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid change

Extensive knowledge and experience with the following:
IP and IP Related protocols
Micro segmentation
Network devices and use cases
OSI Model
EIGRP, BGP
RBAC, ACL, MAC
Routers/Switches
DNS
DHCP
SCADA systems
Multi-tiered defense strategies
Datacenter
VPN
IPSEC, SSL
Firewalls – Palo Alto, Cisco ASA and NextGen
Identity management and authorization LAN/WAN principles
IPS/DLP
Anti-Virus/Anti-Malware
Hardware virtualization XenServer/XenApp, Hyper-V, KVM
Storage Protocols
Fiber Channel
Active Directory
VoIP
Scripting/Automation
Linux
Experience in defining new architectures and ability to drive project from architecture standpoint
Working closely with internal stakeholders as well as customer teams
Expert ability in application service concepts (REST, load-balancing, SMTP, LDAP, AD, Kerberos, SSO, etc.)
Understanding of security technologies (Digital Certificates, TLS/SSL, LDAP, PKI, etc.)
Experience with hybrid cloud environments (VPN, DirectConnect, DNS, etc.)
Strong hands-on capability in scripting, environment design, and both system and network troubleshooting
Deep experience with Linux, AWS, security, and networking best practices
Windows and Linux Server operating system experience
Network Firewall experience
Experience with network security tools (IPS, IDS, SIEM, etc)
Works with people beyond giving and receiving instructions, maintaining effective working relationships
Performs under stress, dealing with persons acting under stress
Occasionally lift items weighing up to 40 pounds.

Qualifications and Education Requirements

Extensive experience in information security and/or IT risk management with a focus on security, performance and reliability

Expert-level understanding of security protocols, cryptography, authentication, authorization and security

Good working knowledge of current IT risks and experience implementing security solutions

Experience implementing multi-factor authentication, single sign-on, identity management or related technologies

Ability to interact with a broad cross-section of personnel to explain and enforce security measures

Excellent written and verbal communication skills

Preferred certifications:
CISSP-ISSAP or GSEC+GCIH+GCIA, CEH

CCNA or ACMP

ITIL v3 Foundation or higher

Cyber Security related certification(s) such as: CISSP, CISM, CISA, CREST Technical Security Architect, GSE

Minimum 3 years of proven UNIX, Windows and/or network administration experience, including system hardening. At least 3 years of experience as a Security Analyst or Security Solutions Consultant, including but not limited to vulnerability assessment, intrusion detection, incident response, system audit, and support for compliance audits (e.g. PCI-DSS, SOX, ISO27001).

Must understand and demonstrate the following security technologies and concepts: File Integrity Monitoring, Firewalls and IDS/IPS functionality, server hardening, security incident qualifiers, risk assessment ranking, application security concepts and protocols, network level security concepts, data encryption standards and implementation.

Additional Notes

The ideal candidate will be a self-starter capable of multitasking and working in a fast-paced, highly technical environment, with experience in multiple information security disciplines and the ability to use different security tools.

Seniority Level

Expert / Mid-Senior Level

Industry

Information Technology & Network Services

Employment Type

Full-time

Travel

20% of the time

Job Functions

Other

1043820