Security Analyst

Lbmc Financial Services, LLC

Brentwood, TN

JOB DETAILS
SKILLS
Administrative Skills, Agile Programming Methodologies, Analysis Skills, Audiovisual, Best Practices, Campaigns, Capability Maturity Model Integration (CMMI), Change Management, Cloud Computing, Communications Security (COMSEC), Computer Firmware, Computer Science, Computer Security, Detail Oriented, Digital Certificates, IAM - Information Assurance Management, ISO (International Organization for Standardization), ITIL (IT Infrastructure Library), Information Technology & Information Systems, Information Technology/Systems Audit, Information/Data Security (InfoSec), Internet Security, Intrusion Detection Systems, Intrusion Prevention Systems, Leadership, Maintain Compliance, Mentoring, Microsoft Active Directory, Microsoft Windows Azure, Microsoft Windows Operating System, Organizational Skills, Penetration Testing, Phishing, Problem Solving Skills, Procedure Development, Project Tracking, Protocol Independent Multicast (PIM), Reporting Skills, Risk, Risk Analysis, Risk Management, Sarbanes-Oxley Act (SOX), Security Analysis, Security Attacks, Security Design, Security Information and Event Management (SIEM), Security Infrastructure, Security Monitoring, Security Software, Software Development, Software Development Lifecycle (SDLC), Software Patches, Standards Organizations, Team Player, Technical Analysis, U.S. National Institute of Standards and Technology (NIST), Vulnerability Scanners
LOCATION
Brentwood, TN
POSTED
4 days ago

OPPORTUNITY

The Security Analyst role is a part of the LBMC Enterprise Department which helps service the firm company wide. This individual will be responsible for ensuring that security operational and project activities are maintained as well as recommending appropriate remediation measures to minimize cybersecurity risks. The position will work closely with the Information Security Officer, IS leadership, and team members to implement and maintain security and compliance across LBMC. The Security Analyst will also work to continually monitor compliance aspects, assisting in risk assessments, monitoring, and security projects to support effective implementation and support. You will be joining a progressive office in Nashville and receiving mentorship and support from seasoned industry professionals in the market.

SCOPE OF WORK

  • The Security Analyst will work with IT and non-IT teams to make certain procedural security controls are established and maintained within the organization and complies with a variety of security requirements as well as industry best practices
  • The individual will use security software to obtain important data for reporting capabilities
  • Assist with the investigation and response to security alerts
  • Analyze security problems, design, and assist in implementing effective solutions
  • Review security logs and assist technical analysts in interpreting these logs
  • Work directly with ISO to facilitate cybersecurity risk management processes and activities by reporting on inherent risks and arriving at acceptable levels of residual risk
  • Assist in the Vulnerability Management Program and work with the IT team to continually review the results of vulnerability scans, patching updates, and penetration tests to provide an 'as is' cybersecurity risk assessment of IT assets
  • Conduct risk reviews for new applications, developed code, and other related areas prior to implementation and production to ensure minimal risks or exposure
  • Responsible for phish campaign monitoring
  • Report possible threats or software issues
  • Research weaknesses and determine ways to counter them
  • Assist fellow employees with cybersecurity, software, hardware, or IT needs
  • Carry out and support information security plans and policies
  • Respond to, investigate, and assist in recovery efforts related to a security breach
  • Assist in Security Awareness training development and support
  • Ensure the organization's data and infrastructure are protected by enabling and/or recommending appropriate security controls
  • Participate and follow the change management process
  • Daily administrative tasks, reporting, and communication within Information Security as well as relevant departments within the organization, as needed, or directed
  • Assist in testing new software and firmware, as needed, or directed

IDEAL CANDIDATE PROFILE

  • Bachelor's degree in Information Systems, Computer Science, Information Security or related field
  • Minimum of 1-3 years progressive experience in IT risk, Cybersecurity risk management, IT Audit, or information security risk management, with an emphasis on cybersecurity technology implementation projects or related technology implementations
  • Strong knowledge of core IT and Security infrastructures including Active Directory, Azure AD, Microsoft Windows security controls, SIEM, AV/EDR, IDS/IPS, PIM, PAM, IAM, Certificate Management, vulnerability scanners, etc.
  • Strong understanding of each phase of the (S)SDLC and project delivery under Agile methodologies
  • Cloud computing security in Azure/Windows environments, risk assessments, security controls definition, control procedure appropriateness, security capabilities identification
  • Working knowledge of a broad range of standards and frameworks: International Standards Organization (ISO) 27001, IT Infrastructure Library and ISO 20000, Capability Maturity Model Integration, laws and standards (e.g., NIST, GDPR, Sarbanes-Oxley)
  • Understanding of SOC 2, Type II audits
  • Strong knowledge of all aspects of information security within the Analyze, Prevent, Detect, and Respond domains
  • Must be highly analytical and detail-oriented, with organizational skills to manage assigned work to completion

About the Company

L

Lbmc Financial Services, LLC