Hard Rock International

Returning Candidate?

IT Security Analyst

IT Security Analyst

Requisition Number 
2017-3385
# of Openings 
1
Job Locations 
US-NJ-ATLANTIC CITY
Posted Date 
7-12-2017
Department 
Information Technology

More information about this job

Overview

The IT Security Analyst performs two core functions for the enterprise. The first is the day-to-day operations of the in-place security solutions while the second is the identification, investigation and resolution of security breaches detected by those systems. Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments. The IT Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals.

Responsibilities

  • Maintains a comprehensive Systems Security Authorization database that encompasses all platforms and systems.
  • Keep current with emerging security alerts and issues.
  • Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
  • Participate in investigations into problematic activity.
  • Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts.
  • Design, implement, and report on security system and end user activity audits.
  • Monitor server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interpret activity and make recommendations for resolution.
  • Recommend, schedule (where appropriate), and work with Applications, System and Network administrators to apply fixes, security patches, disaster recovery procedures, and any other measures required in the event of a security breach.
  • Provide on-call security support to end-users.
  • Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
  • Participate in the planning and design of enterprise security architecture, under the direction of the Information Security Officer, where appropriate.
  • Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the Information Security Officer, where appropriate.
  • Participate in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan, under the direction of the Information Security Officer, where appropriate.
  • Manage and/or provide guidance to junior members of the team.

Qualifications

  • A Bachelor’s degree in Information Systems, IT Security or equivalent training and experience is required.
  • At least five years’ equivalent work experience in a technical analytical position.
  • Project management skills a definite asset.
  • Strong understanding of the organization’s goals and objectives.
  • Ability to present ideas in business-friendly and user-friendly language.
  • Highly self-motivated and directed, with keen attention to detail.
  • Proven analytical and problem-solving abilities.
  • Ability to effectively prioritize tasks in a high-pressure environment.
  • Strong customer service orientation.
  • Experience working in a team-oriented, collaborative environment.
  • College diploma or university degree in the field of computer science and/or 5 years equivalent work experience.
  • Certification or equivalent work experience in utilizing ITIL or other IT Best Practice Framework.
  • One or more security certifications such as CISSP, CEH, CompTIA Security+, and GIAC Security Essentials are highly desirable.
  • Knowledge of NIST, PCI, and ISACA standards are highly desirable.
  • Broad hands-on knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, vulnerability scanning and other industry-standard techniques and practices.
  • Understanding and basic knowledge of TCP/IP, Routing and Routed Protocols, DNS and Windows and Linux operating systems.
  • Knowledge of ISO 27000.