Security Analyst
Security Analyst
THE DEPARTMENT:
The Helzberg Information Security Department is responsible for ensuring the confidentiality, integrity, and availability of sensitive company data, as well as protecting our organization' s digital assets from unauthorized access, use, disclosure, disruption, modification, or destruction. The Information Security team collaborates closely with various business units to ensure that cyber security is integrated into business operations and decision-making processes to not only ensure the safety and security of digital assets, but also regulatory compliance.
POSITION SUMMARY:
This position is responsible for providing first-level monitoring of computer-generated logs, assisting in the generation of security metrics reporting, assisting in the information security awareness program and assisting in the forensic data gathering related to security incidents. This position will be responsible for operating vulnerability scans and working with business partners to assist in the mitigation / remediation of identified vulnerabilities.
PRINCIPAL ACCOUNTABILITIES:
SUPERVISORY RESPONSIBILITIES:
The incumbent does not have any direct reports.
QUALIFICATIONS:
Working Hours:
COMPETENCIES:
Analytical Thinking, Customer Service Orientation, Information Security Principles, Technical Acumen, Integrity, Personal Accountability
The Helzberg Information Security Department is responsible for ensuring the confidentiality, integrity, and availability of sensitive company data, as well as protecting our organization' s digital assets from unauthorized access, use, disclosure, disruption, modification, or destruction. The Information Security team collaborates closely with various business units to ensure that cyber security is integrated into business operations and decision-making processes to not only ensure the safety and security of digital assets, but also regulatory compliance.
POSITION SUMMARY:
This position is responsible for providing first-level monitoring of computer-generated logs, assisting in the generation of security metrics reporting, assisting in the information security awareness program and assisting in the forensic data gathering related to security incidents. This position will be responsible for operating vulnerability scans and working with business partners to assist in the mitigation / remediation of identified vulnerabilities.
PRINCIPAL ACCOUNTABILITIES:
- Monitor and conduct analysis of computer logs and information within security platforms to identify suspicious or malicious activity and to ensure that security incidents are acted upon in a timely manner.
- Assist in training associates on enterprise security principles and best practices.
- Review and assess partner security documentation to confirm compliance with organizational standards and best practices.
- Ensure regulatory compliance by implementing key processes and supporting adherence to established security frameworks.
- Schedule and monitor vulnerability management processes and work with business partners to mitigate / remediate identified vulnerabilities.
- Coordinate and execute various internal audit functions related to system access reviews. The analyst will collaborate with business stakeholders to mitigate/remediate any items derived from the internal audit.
- Participate in rotational on-call night and weekend incident response support.
SUPERVISORY RESPONSIBILITIES:
The incumbent does not have any direct reports.
QUALIFICATIONS:
- Technical education degree or associate degree in a computer related curriculum or equivalent work experience.
- 2-4 years of experience in Information Technology required. Experience should include endpoint systems and security platforms.
- Strong knowledge of cyber security principles, practices, and technologies in areas of network & endpoint security; identity & access management; vulnerability management; encryption and data protection are required.
- Excellent analytical and problem-solving skills, as well as the ability to create concise documentation for both technical and non-technical resources.
- Strong interpersonal skills are a must as the position requires partnering with associates of various technical ability throughout the organization to solve complex issues.
- Exceptional organizational skills as the position requires the ability to handle multiple projects and carry out complex tasks independently.
Working Hours:
- Hybrid schedule with predictable onsite attendance required three or more days per week to perform essential functions involving interactive behaviors with co-workers and managers, operation or manipulation of equipment and/or materials located only on site, and direct interaction with internal and/or external customers.
- This position will also be required to participate in the departments after hours rotation for handling security alerts. It will require flexibility to work varying shifts during the evenings, weekends, and holidays. The department’s on-call schedule will be shared in advance.
COMPETENCIES:
Analytical Thinking, Customer Service Orientation, Information Security Principles, Technical Acumen, Integrity, Personal Accountability