Senior, Information Security AnalystCarbon

Role

• The Information Security Analyst will implement security measures to protect Carbon’s computer networks, endpoints, and systems.
• The individual will be responsible for the security and regulatory compliance audits, assisting with invulnerability, and administering security infrastructure tools. 

Responsibilities

• Run a daily review of PCI DSS environment network traffic
• Run a daily call over of audit and systems logs of the PCI DSS environment
• Monitor security logs of critical public-facing services
• Review Endpoint Security logs and threat alerts
• Gather relevant Security Metrics for Information Security Report
• Manage Security incident tickets.
• Monitor and follow up on DLP, IPS, and Antivirus exceptions & alerts
• Work with network engineers to analyze firewall activities.
• Ensure compliance with local IT regulatory standards

Requirements
We are looking for candidates who can meet the following criteria. We want to emphasize that we don’t expect you to meet all of the below but would love you to have experience in some areas and a willingness to learn and expand your knowledge in other areas:

• Experience in monitoring, analyzing, and resolving security alerts generated from various sources (networks, servers, endpoints, and other event logs).
• Ability to conduct and manage vulnerability scans using external and internal tools.
• Experience in reviewing and monitoring network security to respond in a timely fashion to security alerts, while performing initial triage and providing the necessary information to other team members when necessary to solve the alert.
• Experience in running penetration tests on Technology Infrastructures,
• Experience in running periodic security audits on current IT infrastructure and application software.
• Ability to define and maintain an Information Security Incident Response Plan, including documenting security breaches.
• Ability to manage and administer security infrastructure tools such as IDS/IPS, email gateway, web filtering, and endpoint protection consoles.
• Experience in reviewing all system implementation designs and plans to ensure sufficient security and recovery provisions have been included, updating the corporate DRP as appropriate, and ensuring appropriate provisions are made in the BCP.
• Experience in researching the latest information technology (IT) security trends, best practices, threats, and potential vulnerabilities.
• Ability to develop security standards and best practices and recommend security enhancements to management or senior IT staff.
• Minimum of 5 years in as an Information Security Analyst relation job functions.
• Working knowledge of Windows and Linux Server, Bash, SQL, and Wireshark
• Expert knowledge of relevant security and privacy legislation.
• Good understanding of software development lifecycle.
• Familiarity with Cloud Platforms like AWS or GCP
• Experience with IT security and compliance standards both local and international like NITDA, CBN, ISO, PCI-DSS, etc