Gerber Collision & Glass is seeking a Security Analyst to design, implement, maintain, and support our security program and security systems. You will be a part of the IT Infrastructure team that is responsible for designing and developing scalable, maintainable, and highly available infrastructure to support business objectives and defined SLAs.
Take the necessary actions to meet daily/weekly/monthly goals and objectives.
Configure and monitor alerting services.
Provide support, documentation, and guidance to vendors to ensure they are meeting their goals.
Lead the development and deployment of security policies and standards. Ensure vendor and employee adherence to standards.
Work with stakeholders to build security programs and attain key industry certifications (SOC 2 Type I, Type II, PCI).
Periodically work with Director of IT Infrastructure to review and audit vendor work.
Assist in the design of a data warehouse that can support thousands of geographically dispersed users with minimal interruptions and maximum fault tolerance.
Provide deep (Tier-3+) resolution for complex security issues across network and systems devices.
Provide technical expertise in the setup, optimization, and monitoring of log aggregators, Anti-virus servers, DNS security, email security, and other security services.
Ability to handle multiple complex projects simultaneous with overlapping deadlines.
Ability to orchestrate mass changes through a combination of industry tools and scripting.
Work within a change control environment to effectively communicate, document, and implement change.
Build runbooks for various servers to allow for effective Service Desk and “remote-hands” troubleshooting.
Architect monitoring solution to allow for rapid response to security issues from both vendors and internal resources.
Ability to effectively function and contribute in a team setting.
Easily adaptable to a fast-paced environment.
Solid understanding of vulnerability management programs.
Be able to asses threats, document fix actions, and prioritize risk.
Ability to perform patching on some systems as required.
Thorough understanding of Microsoft systems and associated vulnerabilities.
Thorough understanding of networking, lateral movement through networks,and escalation of privileges in systems.
Understanding of cloud environments such as Azure and AWS.
Understanding of virtual environments and associated networking (VMware, Citrix, etc).
High School Diploma/GED and 6-8 years related work experience required.
Bachelor’s Degree in Computer Science or a related field preferred.
MCSE or related Windows certifications highly preferred.
ITILv3 Certification or experience working in an ITIL environment preferred.
At least 3 years hands-on experience with Microsoft Servers.
Penetration Testing experience a plus.
Security Program Management testing a plus.