Logo
Canadian Bank Note Company, Limited

IT Security Analyst

Canadian Bank Note Company, Limited, Danville, Virginia, United States, 24540


Description

Internal Job Title:

IT Security Analyst

Job Type:

Permanent, Full-Time

Job Location:

United States

Work Model:

Remote/Hybrid

***Must be a US Citizen***

Position Summary

Are you a skilled and experienced security professional with a passion for ensuring the highest standards of information security? Join our team as an IT Security Analyst, where you'll play a pivotal role in safeguarding our organization's assets.

In this dynamic role, you will be responsible for compliance evidence collection, SIEM setup and management, Technical Security Analysis and fostering collaborative efforts within our security team. You will draw on your real-world, industry experience and the knowledge from our broader team that will help facilitate your ongoing success. Although the role is primarily focused on operations, you'll be engaged in cross-functional project deliverables and collaboration with other teams in delivering security solutions.

If you enjoy variety and think beyond your job description, you'll succeed here. As part of the team, you'll facilitate and nurture our customers' success stories. So, if you're looking for the chance to work for a global technology company, explore new career opportunities, and deliver exceptional work to your customers, we want to hear from you!

Key Responsibilities

Compliance Evidence Collection and Gap RemediationCollaborate with Risk and Compliance personnel to gather evidence for Compliance requirements (SOC II, ISO 27001, PCI, NIST 800-53, etc.).Develop and implement processes for evidence collection, ensuring accuracy, completeness and timeliness in response to audit requests.Collaborate with stakeholders to address compliance gaps and implement corrective actions.Security Incident and Event ManagementDesign, implement and maintain automated processes within the SIEM environment to enhance threat detection, incident response and log management.Collaborate with cross-functional teams to integrate security controls and enhance the overall effectiveness of the SIEM solution.Develop and maintain automated responses to common security incidents.Technical Security Analysis

Due to the team's responsibilities, you may also get involved in the following:Incident Detection and ResponseMonitor SIEM alerts and investigate security incidents to determine the root cause and appropriate remediation actions.AutomationDesign, implement and maintain automated security processes to enhance efficiency and reduce response times.Vulnerability ManagementPrioritize and remediate identified vulnerabilities in collaboration with system owners and IT teams.Security DocumentationCreate and maintain documentation related to security policies, procedures and configurations.Collaboration and CommunicationCommunicate security risks and findings to technical and non-technical audiences effectively.Build relationships with stakeholders across groups to understand needs and requirements and the associated notification process.Responsible for maintaining a high level of operational excellence for solutions and services.Qualifications

Mandatory

US Citizenship4+ combined years of experience in an IT role1+ years of experience in an IT Security related role.3+ years of experience in an Operations related role.Experience with Enterprise Linux/Unix and/or Windows.Experience with two or more of the following technologies or categories:Vulnerability Management (Scanning, Reporting)SIEM - Network and Agent-based (Installation, Operation and Triage)Centralized Log ManagementEnterprise Linux/Unix based Operating SystemsExperience collecting evidence for Compliance Frameworks (NIST 800-53, SOC II, ISO 27001, PCI, etc.).Knowledge and Experience

University degree or College diploma in Computer Science or related field is preferred.SANS, ISACA or GIAC certification is preferred.Experience with a GRC Tool is highly desired.Experience with Cloud Environments (Azure, AWS, etc.)Knowledge of Security technologies (Identity and Access Management systems, Multi-Factor Authentication, Encryption, ITIL Frameworks, and traditional perimeter and endpoint security technologies)Experience or participation in Open-Source communities/technologies is considered and asset.Experience in various programming languages is considered an asset (Bash, PowerShell, Python 3, Ruby).Skills and Abilities

Proficiency in Microsoft 365 Enterprise.Excellent communication skills (verbal and written)Can-do attitude, passion, and an out of the box mindset towards solving problems.High degree of personal confidence, enthusiasm, and drive.

We are an Equal Opportunity Employer. We're committed to providing a work environment that is free of unlawful discrimination, harassment and retaliation based on race (including traits historically associated with race, including hair texture, hair type, and protective hairstyles such as braids, locks, and twists.), religion, creed, color, sex, age, national origin, ancestry, sexual orientation, gender identity (transgender status), veteran status or disability, domestic partner status, marital status, disability, AIDS/HIV status, weight or any other basis.