Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information. May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. May respond to computer security breaches and viruses.
Information Security Analyst Job Description Template
Our company is looking for a Information Security Analyst to join our team.
- Investigate security breaches and other cyber security incidents;
- Document security breaches and assess the damage they cause;
- Work with security team to perform tests and uncover network vulnerabilities;
- Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs;
- Fix detected vulnerabilities to maintain a high-security standard;
- Research security enhancements and make recommendations to management;
- Help colleagues install security software and understand information security management;
- Stay up to date on information technology trends and security standards;
- Stay current on IT security trends and news;
- Monitor computer networks for security issues;
- Perform penetration testing;
- Develop company-wide best practices for IT security.
- Experience with security management processes, response playbooks, security assessments, and penetration testing;
- Strong familiarity with NIST and ISO frameworks;
- Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact;
- Knowledge of risk assessment tools, technologies and methods;
- Expertise in designing secure networks, systems and application architectures;
- Expertise in anti-virus software, intrusion detection, firewalls and content filtering;
- Ability to identify and mitigate network vulnerabilities and explain how to avoid them;
- Endpoint security solutions, including file integrity monitoring and data loss prevention;
- Understanding of firewalls, SIEM, antivirus, and IDPS concepts;
- Disaster recovery, computer forensic tools, technologies and methods;
- Industry experience in an information security function.