Information Security Analyst at IREX

Your Background and Skills

• Bachelor’s degree in computer science, IS or Information Security.
• Minimum of 5 years’ experience in Information Security.
• At least 2 years’ prior experience in a role with responsibility for information security incident response; this is not an entry level position.
• CISSP, OSCP, CRISC, GCIH, GCFA, GFCE, GSE and/or similar certification desirable.
• Excellent program/project management, prioritization, and organizational skills.
• Acute attention to detail.
• Experience with Microsoft Defender for Endpoints.
• Experience with Windows 10/11 operating systems and MacOS.
• Experience working with Zendesk and Qualys.
• Experience working with and managing phishing simulation platforms.
• Experience with network fundamentals such as IPv4, subnet mask, DNS, DHCP, etc.,
• Experience creating, collecting, and assembling metrics for reporting.
• Experience with incident response.
• Experience working with on-prem and Cloud technology platforms and applications.
• Must demonstrate valid proof of unrestricted authorization to work in the country where this position is based.

Your Daily Tasks

• Monitor alerts, detections, or other indicators of compromise/attack from a variety of information security solutions.
• Perform threat hunting by actively seeking out anomalies and Indicators of Compromise and/or verifying their presence in IREX’s Information Technology Environment.
• Perform Incident Response activities based on automated alerts, malware assessment, IOC discovery and other threat hunting activities.
• Investigate, contain, eradicate, and/or escalate security detections as appropriate.
• Assist in the discovery, analysis, and remediation of vulnerabilities.
• Monitor security platforms’ health for errors, misconfigurations, or performance alerts.
• Leverage SIEM platform by creating and executing search queries, dashboards, and alerts to identify threats, indicators of compromise, and assist in investigations.
• Perform control testing and other risk management activities.
• Provide information in response to assessments and audits.
• Provide oversight of managed third-party security services.
• Maintain an understanding of the systems, solutions, and technologies deployed in IREX’s IT infrastructure.
• Serve as a resource to the organization in the realm of information security by maintaining a dedication to continuous learning and growth.
• Contacts staff and assists in resolving security issues.
• Contacts staff and vendors to gather information about security incidents.
• Contacts vendors and contractors regarding information security issues.
• Document and generate reports of detections and response actions for review by management and other stakeholders.
• Update and manage IREX’s Information Security SharePoint Site.
• Provides security training to partners and projects, when requested.
• Provides policies and procedures documentation to NBD, when needed.
• May communicate with NBD regarding regional privacy regulations.
• Responsible for the execution of the unit budget. 
• Support fellow team members, end-users, and other stakeholders’ requests related to information security services.
• Other duties as assigned.