Principal Information Security Analyst

BOSTON, MASSACHUSETTS

3/12/19

3/12/20

Description

The Principal Information Security Analyst will provide technical expertise, oversight, and leadership to client projects as part of the company’s new managed security services program focused on Private Client (Consumer) and Small Business customers. This individual will help design and deliver reports to clients that detail security threats to their IT environments. The analyst will also work collaboratively with Company Leadership to help select and deploy technical solutions that meet Client requirements to monitor Network and Endpoint data as part of Customer managed services agreements.

On a daily basis, this role will be expected to work in an agile and adaptable manner to tackle a variety of projects and different system environments. The individual will be expected to independently conduct security risk analysis, tune and optimize cyber-security systems (cloud based), and communicate results in written and verbal reports that are synthesized for a non-technical audience.

Duties & Responsibilities:
  • Conduct detailed technical analysis of Clients IT systems environments from Endpoint, Network, and other technical data
  • Assist with configuration of cybersecurity tools that are deployed in Clients environments, including Endpoint systems, Next-Generation Firewalls, Mobile Threat Detection solutions, and Email Security solutions
  • Manage end-to-end Client report delivery on a weekly and monthly basis detailing cybersecurity threats in Clients IT environments
  • Consult with company Management on refining managed services offering to meet Client requirements
  • Identify process improvements and implement solutions to existing processes
  • Design reporting standards and employ best-practices in cybersecurity analysis to provide quality products to non-technical audiences
  • Provide subject matter expertise on IT security technologies (endpoint, anti-virus, perimeter protections, network, IDS/IPS, etc.)
  • Research IT security trends and technologies and provide leadership and direction on future technology adoption and solutions
  • Perform other ad-hoc responsibilities related to IT security analysis and technology

Minimum Requirements

  • Bachelor's degree in Computer Science, Information Technology, Information Security, or related technical discipline 
  • At least 5 years of experience in the IT security sector, with experience implementing security initiatives 
  • Must have a strong background in Network and Endpoint security
  • Advanced skill in communicating technical concepts to a non-technical audience is required
  • Strong analytical and problem-solving skills

Desired Requirements

  • CISSP, CISA, GSEC, GCFA, GISP, or equivalent certification highly desired
  • Knowledge of Firewall technology from Checkpoint, Sophos, Fortinet, or other vendors is highly desired
  • Knowledge of Endpoint technology from Sophos, Endgame, Crowdstrike, or other vendors preferred 
  • Strong knowledge of access control policy, firewall policy, and end-user computing policy is strongly desired
  • Technical ability to configure Firewall and Endpoint technologies is strongly desired
  • Hybrid Cloud, Public Cloud, SaaS experience is strongly desired
  • Leadership experience related to information security
  • Familiarity with NIST and ISO standards pertaining to information security