Junior Security Analyst

It's fun to work in a company where people truly BELIEVE in what they're doing!

We're committed to bringing passion and customer focus to the business.

SUMMARY

The Junior Information Technology (IT) Security Analyst will be responsible forassisting with two core functions for the enterprise.

The first is the day-to-day operations of the in-place security solutions while the second is the identification, investigation and resolution of security breaches detected by those systems.

Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well asassisting with conducting vulnerability audits and assessments.

The Junior IT Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

ESSENTIALREQUIREMENTS

One or more of the following certifications :

CompTIA Security+

GIAC Information Security Fundamentals

Microsoft Certified Systems Administrator : Security

Associate of (ISC)2

KEY DUTIES AND RESPONSIBILITIES

Essential Duties and responsibilities include the following. Other duties may be assigned.

Strategy and Planning

Participates in the planning and design of enterprise security architecture.

Participates in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures).

Participates in the planning and design of a risk management plan, enterprise business continuity plan and disaster recovery plan.

Analyze and Develop

Maintains up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.

Assists in analyzing security events and incidents to identify potential threats or breaches.

Assists in the review and impact processes for all incoming cyber security information : bulletins, vendor notifications and communications from government sources.

Determine if CNI is affected and then lead the resolution processes if necessary.

Works with security analysts to recommendadditional security solutions or enhancements to existing security solutions to improve overall enterprise security.

Operational Management

Helps ensure that up-to-date baselines are maintained for the secure configuration and operations of all in-place devices e.

g. security tools, workstations, servers, network devices, etc.

Assists with conducting vulnerability assessments and penetration testing on computer systems, networks, and applications.

Assists with evaluation and remediation of user-reported malicious email

Collaborates with security analysts to develop and implement security policies, procedures, and standards

Participates in incident response tasks, partnering with 3rd party SOC, cyber security insurance vendors, and internal resources.

Collaborates with cross-functional teams to ensure compliance with relevant regulatory requirements and industry standards.

Assists in conducting risk assessments to identify potential security weaknesses and recommend appropriate controls.

Assists in the deployment and management of security tools, intrusion detection systems, and antivirus software.

Participates in incident response activities, including investigating security incidents, documenting findings, and recommending remediation actions.

Stays up-to-date with the latest security trends, vulnerabilities, and industry best practices.

Assists in conducting security awareness training sessions for employees to promote a culture of cybersecurity awareness.

Monitors and maintains all operational configurations of all in-place security solutions as per the established baselines.

Reviews logs and reports of all in-place devices. Interprets the implications of that activity and devise plans for appropriate resolution.

Participates in the design and execution of vulnerability assessments, penetration tests, and security audits.

Provides on-call support for end users for all in-place security solutions; this can be 24x7 support.

Assists in creation and maintenance of a patching schedule; work with technical teams to develop patching priorities.

Assists the Information Security Compliance Manager with developing relevant security data reports.

Assists the Information Security Compliance Manager with managing the security training system and confirming completion of training by all employees.

Assists in the creation and maintenance of plan, policy, and procedure review schedule for the Enterprise.

Responsible for aiding in own self-development by being available and receptive to all training made available by the company.

Plans daily activities within the guidelines of company policy, job description and supervisor’s instruction in such a way as to maximize personal output.

OTHER DUTIES

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job.

Duties, responsibilities and activities may change at any time with or without notice.

EDUCATION AND EXPERIENCE

Bachelor's degree inComputer Scienceandup to three(0-3)years relevant experience, or equivalent combination of education / experience.

JOB SPECIFIC KNOWLEDGE / SKILLS / ABILITIES

Strong understanding of networking concepts, operating systems (Windows / Linux), and common security technologies (firewalls, IDS / IPS).

Familiarity with vulnerability assessment tools (e.g., Nessus, OpenVAS) and penetration testing methodologies.

Familiarity with security tools and their use in detection and remediation efforts (e.g. Sentinel One, Arctic Wolf, Forcepoint)

Knowledge of security frameworks and standards (e.g., NIST, RMF).

Excellent problem-solving and analytical skills with the ability to think critically and make sound decisions.

Strong written and verbal communication skills to effectively communicate technical concepts to both technical and non-technical stakeholders.

Ability to work independently as well as collaboratively in a team environment.

Must be highly motivated and detail orientated.

LANGUAGE SKILLS

Ability to read, analyze and interpret common scientific and technical journals, financial reports and legal documents. Ability to respond to common inquiries or complaints from customers, regulatory agencies or members of the business community.

Ability to write speeches and articles for publication that conform to prescribed style and format. Ability to effectively present information to top management, public groups and / or boards of directors.

MATHEMATICAL SKILLS

Ability to work with mathematical concepts such as probability and statistical inference, and fundamentals of plane and solid geometry and trigonometry.

Ability to apply concepts such as fractions, percentages, ratios and proportions to practical situations.

REASONING ABILITY

Ability to define problems, collect data, establishfacts and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.

PHYSICAL DEMANDS

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this job.

Work is primarily performed in an office environment. Regularly required to sit. Regularly required use hands to finger, handle, or feel, reach with hands and arms to handle objects and operate tools, computer, and / or controls.

Required to speak and hear. Occasionally required to stand, walk and stoop, kneel, crouch, or crawl. Must frequently lift and / or move up to 10 pounds and occasionally lift and / or move up to 25 pounds.

Specific vision abilities required by this job include close vision, distance vision, depth perception, and ability to adjust focus.

Exposed to general office noise with computers printers and light traffic.

CNI CORE COMPETENCIES

Responsible for the integration of CNI Core Competencies into daily functions, including commitment to integrity, knowledge / quality of work, supporting financial goals of the company, initiative / motivation, cooperation / relationships, problem analysis / discretion, accomplishing goals through organization, positive oral / written communication skills, leadership abilities, commitment to Affirmative Action, reliability / dependability, flexibility and ownership / accountability of actions taken.

COMPLIANCE

Promotes and encourages a culture of compliance with all applicable rules (federal, state, local, Federal Acquisition Regulations, Code of Federal Regulations, Prime Contract requirements, etc.

for themselves and the company as a whole. Fosters an environment in which they will report any violations or reasonably suspected violation of CNI policy, FAR, and / or CFR and are comfortable discussing the myriad compliance, conflict, FAR, CFR, etc.

issues that arise during the performance of a government contract.

EOE including disability / vet.

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!