Information Systems Security Analyst Job Description
Information systems security analyst
provides internal support as needed for CHSLI Secure Messaging, Network Access Control System, and Vulnerability Scanning efforts;.
Information Systems Security Analyst Duties & Responsibilities
To write an effective information systems security analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included information systems security analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Participating in day-to-day information security activities such as questions, problems, exceptions
Author Certification and Accreditation artifacts, System Requirements and Specifications to meet the client’s security policies
External Projects - Analyze business requirement, identify areas related to IAM, and collaborate with project stakeholders, to integrate/create access management related processes, procedures, tasks and documentation
Internal Projects – Automate manual tasks, create/maintain customer self-help tool/portal
Gathers data, analyzes and reviews reports, including department, project, key indicators and dashboards
Works with minimal instruction or guidance for moderately difficult assignments with diverse scope and complexity
Primary focus of the position will be mainframe security initiatives and projects across 4 environments managed by the CA ACF2 security product
S/He is responsible for the requirements, analysis, design, implementation, and maintenance of applications used by technical and line of business personnel to support mainframe user provisioning, access management, and reporting
Analysis of current Mainframe environments to develop proposals for improvements and efficiency gains in alignment with client requirements
The associate will be required to support mainframe software optimization projects, Enterprise COBOL upgrade project, Owner/Grantor system enhancements, audit/regulatory projects, security product upgrades, acquisitions and divestitures, and other key strategic projects
Information Systems Security Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Information Systems Security Analyst
List any licenses or certifications required by the position: IAM, II, CISSP, IAT, CISA, C&A, CISM, DOD, IA, ITIL
Education for Information Systems Security Analyst
Typically a job would require a certain level of education.
Employers hiring for the information systems security analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Cyber Security, Computer Science, Associates, Information Technology, Education, Management, Technical, Information Systems, Information Security, Engineering
Skills for Information Systems Security Analyst
Desired skills for information systems security analyst include:
SCAP
Vulnerability scanning
NESSUS
SPLUNK
ACAS
POA&Ms
System audits
NIST
DIACAP
NISPOM
Desired experience for information systems security analyst includes:
Hands on working experience with Active Directory using ADUC or MMC required
Hands on working experience on AD Computer, User, and Group Objects (CRUD – Create, Read, Update, Delete) , knowledge of AD GPO’s and ACL
S/He will partner with technical and business areas to define security requirements, and to develop and execute project plans
Provides support for Unix Systems Services user provisioning
Establish guidelines for mainframe security best practices
Respond timely to audit and regulatory inquiries
Information Systems Security Analyst Examples
1
Information Systems Security Analyst Job Description
Job Description Example
Our company is looking for an information systems security analyst. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for information systems security analyst
- Designs, tests, and implements secure networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions
- Executes on and enforces Key's Access Control policies for applications
- Responsible for controlling access to applications on the basis of least privilege and separation of duties, either as an Application Control Specialist (ACS) or in support of the ACS
- Execute activities to analyze, architect, build, secure, populate, and deploy business applications and questionnaires to support various workflows, functions, and information reporting required by stakeholders
- Engage stakeholders to specify requirements and workflow processes to be implemented within the application/questionnaire
- Develop a deep understanding of various governance, risk, and compliance activities that form the basis for the user requirements
- Provides technical expertise and requirements feedback to ensure business needs are met
- Migrates approved configurations for the application and/or questionnaire into the appropriate systems environments in accordance with change management approvals and process
- Create / maintain application documentation, business rules, test scripts, use cases, and other pertinent artifacts for GRC Admin owned applications
- Ensure application documentation, business rules, test scripts, use cases, and other pertinent artifacts for Program Owned applications are maintained
Qualifications for information systems security analyst
- CA ACF2 product features, reporting, and provisioning process
- Experience in LAN/WAN Administration
- Demonstrated systems security engineering experience on programs that encompassed systems security architecture, requirements analysis, design, production, integration, test and transition into operations
- Establish common processes across tasks, including configuration management (CM), risk management, quality assurance (QA)
- Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages
- Eight (8) or more years of cyber security or similar experience required
2
Information Systems Security Analyst Job Description
Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of information systems security analyst. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for information systems security analyst
- Communicate and enforce security policies, procedures and safeguards for all systems and staff, based upon DOJ, FBI, and NIST
- Perform business impact assessments when evaluating platform upgrades and/or new business requirements
- Participates in defining acceptance and testing criteria, develops and performs test plans to validate application functionality meets business and technical requirements
- Provide assistance to the Project Manager with estimating and scheduling of activities
- Develop, improve, and deploy management reporting and enterprise portal functions
- Develop and perform various balance and control activities over interfaces, extracts and data flows
- Engage with new and existing stakeholders/interested parties to demonstrate the product’s capabilities, including applications and questionnaires
- Assist with the development of training materials, business procedures, and other required documentation
- Coordinate with business and system continuity coordinators to maintain and test recovery plans
- Performs vulnerability scans, penetration tests, self audits, patch management reviews, , security and risk assessments
Qualifications for information systems security analyst
- Understanding of Role Based Access Control (RBAC) preferred
- Quest products Active Roles Server, Change Auditor, Recovery Manager for AD, etc preferred
- At least 4-5 years of Enterprise Windows experience with a security focus
- Or 12 Years with Masters
- Knowledge of core security tool concepts (IDS, SIEM, Firewalls, Vulnerability Assessment tools, configurations compliance, ) and ability to analyze technical outputs and recommend process improvements at an enterprise level
- Industry certifications relating to IT security required (CISSP, GIAC, CEH, TNCP)
3
Information Systems Security Analyst Job Description
Job Description Example
Our company is searching for experienced candidates for the position of information systems security analyst. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for information systems security analyst
- Keeps abreast of current security technologies and facilities (e.g., security products, network and anti-malware technologies) as they become available, and educates peers with knowledge obtained
- Provides SIRT (Security Incident Response Team) problem resolution assistance and will coordinate investigation and resolution of security incidents
- Works closely with information security staff to monitor, assess, update and improve plans and programs
- Coordinates responses to information security incidents, internal and external audits, and departmental and corporate exercises and drills
- Creates, manages and maintains Information Technology department staff security awareness
- Collaborates with IT leadership, Risk Management and Public Safety to manage information security vulnerabilities
- Conduct periodic reviews of ISs to ensure compliance with the security authorization package
- Serve as member of the Configuration Control Board (CCB)
- Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM prior to the change
- Ensure audit records are protected, collected and reviewed
Qualifications for information systems security analyst
- Ability to produce quality deliverables and to complete assigned projects on time
- Consistent attention to detail - completes tasks per standard operating procedures
- Persistent and creative problem solver - strong troubleshooting skills and determined to find solutions to technical problems
- Strong work ethic and a proven professional - respectful, dependable, takes initiative and follows through, dedicated to excellence and getting the job done
- Current SECRET (or higher) DoD Security Clearance
- Current DoD 8570 Baseline Certification (Security+ CE, CAP, GSLC, CASP CE, CISA, CISM, or CISSP)
4
Information Systems Security Analyst Job Description
Job Description Example
Our innovative and growing company is looking to fill the role of information systems security analyst. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for information systems security analyst
- Perform current system or platform security analysis and documentation
- Assist in the evaluation of 3rd party vendors involved in information security projects and processes
- Participate in breach and information security related investigations, documentation, and remediation
- Building and maintaining policies and reports for all security monitoring tools in corporate and public facing environments such as web and email DLP, SIEM, enterprise AV, IDS and AD
- Provide information security expertise in infrastructure platform support throughout all phases of break-fix (problem identification, resolution, test, deployment, and turnover)
- Providing technical information security leadership in varied phases of infrastructure and application project life cycle and processes (design, review, build, test, deploy)
- Assists in developing and maintaining detailed knowledge of the current technology and infrastructure from a functional perspective
- Provides consulting services to internal business groups on process improvement projects designed to improve their business results
- Under general supervision, the IS Security Analyst will be a member of a core team responsible for coordinating all IT systems development and operation for the Eligibility Determination System
- We are looking for an experienced Information Systems Consultant to serve in a working title of Information Systems Security Analyst who will be responsible for the overall implementation of security policies, programs, and necessary technologies for the Eligibility Determination Systems in compliance with existing health care laws and provisions
Qualifications for information systems security analyst
- Experience with security concepts (Data Loss Prevention, Active Directory, and Security Log Analysis)
- Undergraduate degree in Information Technology or Cyber Security, but candidate with proven experience will not be excluded from consideration
- Active and continuous learner - either higher education or Continuing Professional Education
- Experience with log reviews, assisting in audits, risk analysis, contract and vendor negotiation experience is desired
- Must have an Active Department of Defense - Secret Security Clearance and be able to obtain Special Access Program qualifications
- Must be 8570 Certified within 6 months of employment (Security+ CE Minimum)
5
Information Systems Security Analyst Job Description
Job Description Example
Our innovative and growing company is hiring for an information systems security analyst. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for information systems security analyst
- Coordinate with on an offshore team of business analysts, database analysts and development staff to ensure consistent delivery of executive management security reporting
- Continually improve process and integration of security systems granting the business enhanced visibility and transparency of the security posture and any action required to further secure the environment
- Provide onsite and remote assessment, mitigation and remediation support to CNIC systems
- Evaluate, and analyze risks identified in FISMA POAM and assist the program in mitigating the vulnerabilities in the efforts to reduce the risk
- Ensuring systems are functional after mitigation/remediation has been completed
- Support and monitor hardware and software IA problems pertaining to the NE
- Develop and implement access control lists on routers, firewalls, and other network device
- Ensure applicable patches including IAVAs, IAVBs, and TAs are installed for their NE
- Audit clients firewalls and intrusion detection Systems
- You must be able to document/draft/update Standard Operating Procedure documents that outline security processes, roles and responsibilities
Qualifications for information systems security analyst
- Minimum of three years in an information systems senior security analyst role for a large, publicly traded organization
- Experience must include developing functional requirements for ADP systems
- Active security clearance at a minimum of secret level or higher
- May be required to meet requirements of 8570.01M
- Security+ or another IAM-I certification
- RMF Transition Experience