85 applicants

Company

Kutak Rock · 4 days ago

Information Security Analyst

Twin Cities Area

Full-time

Remote

Mid, Senior Level

$81K/yr - $110K/yr

5+ years exp

Maximize your interview chances

ConsultingLegal

Growth Opportunities

Hiring Manager

Jessica Lindsay, SHRM-CP

Insider Connection @Kutak Rock

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Work with system owners to analyze, design, and help implement secure system configurations, processes, and features in support of the Information Security Management System (ISMS)

Perform vulnerability/risk analysis of computer systems, software, and applications

Manage and maintain Firm systems and processes to monitor, alert, and ensure that only approved applications and executables are executed within the environment

Establish security metrics to baseline, monitor, and report on security effectiveness and progress in areas of responsibility

Document, track, respond, and escalate incidents that may cause ongoing and immediate impact to the firm

Analyze log files from a variety of sources to identify possible threats to system security

Identify, investigate, and remediate threats, suspicious and malicious activity, coordinating response as necessary

Assist in the identification and acquisition of new information security products and services

Work with vendors to facilitate security projects

Gather and analyze information on emerging cyber threat, information security trends, technologies, and related regulatory issues. Communicate relevant information to the Director of Cybersecurity, ISMT, IT leadership, members of IT staff and others, as appropriate

Make recommendations for improving the security posture across the enterprise

Promote data security awareness within the IT Department and across the Firm

Participate in the maintenance of the Firm’s Disaster Recovery and Business Continuity Plan

Ensure all security standards and procedures are kept current

Excellent interpersonal communications skills to interact with executives and all employees

Travel to offices and work extended hours when necessary (10%)

Perform other related duties as assigned

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Vulnerability managementSecurity toolsISO 27001CISSPInformation security experienceWindows Operating SystemIncident responseSecurity complianceNetwork protection methodsSecurity regulations knowledgeLog analyticsCloud servicesTwo Factor AuthenticationSingle Sign OnPenetration Testing

Required

Demonstrated knowledge of vulnerability management in an enterprise information security environment

Ability in documenting, implementing, and managing an enterprise information security infrastructure

Advanced knowledge of security and security related tools and technologies including: Windows Operating System; IDS/IPS; SIEM; Web Proxy; Encryption; Firewalls; Patch Management; Vulnerability Scanning & Remediation; Penetration Testing; DLP; Secure Email Gateways; MDM; Account Management; Log Analytics; Two Factor Authentication; Single Sign On; Antivirus; TCP/IP; HTTPS; SSL; TLS; DNS; Advanced Endpoint Protection; Cloud Services; Wireless

Knowledge of methods for identifying and protecting networks against common and emerging security attacks and advanced persistent threats

Knowledge of ISO 27001 security standards

Knowledge of rules and regulations related to GLBA, HIPAA, Mass Privacy, etc

Exceptional customer service and responsiveness to both internal and external clients

Strong organizational skills with the ability to manage priorities, meet deadlines, and collaborate with team members

Effective verbal and written communication skills to compose outgoing notifications, technology communications, and executive level reporting and summaries

Ability to analyze and prepare recommendations relating to security and compliance for existing and future IT architecture

Ability to communicate security exposures, misuse, or non-compliance situations to management

High school degree or equivalent required

CISSP, SSCP, CEH, GSEC, GIAC, SECURITY+, ECSA or equivalent required

5+ years experience in information technology operations which includes systems administrator responsibilities

3+ years experience in information security