Senior Information Security Analyst

Description

 Relation is among the fastest-growing insurance brokers in the U.S. We work together to bring new products, capabilities and ideas to our clients, while preserving the local relationships and expertise that our clients have come to expect. Our employees and our clients are our top priorities…our success is built upon both and we take that seriously. We offer a competitive compensation package (including benefits), a collaborative team environment and growth opportunities.

We are looking for brilliant minds to come join us in a fast-paced, exciting work environment where having fun while working hard is part of our core values. Our culture encourages personal growth and success. Are you a team player who enjoys challenging work? Do you believe the client always comes first? Come claim your future with a growing company that can help you be your best. Build a lasting connection with Relation!


  

Position Summary

The Senior Information Security Analyst is responsible for day-to-day information security operations support including security event handling, security incident response, threat hunting, threat intelligence analysis, forensic analysis, vulnerability identification, and security incident recovery services. The Analyst is responsible for monitoring the safety and security of the enterprise information systems and resources using a Security Information and Event Management (SIEM) system with auditable logs of all investigations and response activities.

The Analyst is also responsible for planning and executing short- and medium-term information security improvement projects and initiatives intended to improve the enterprise information security posture, tools, policies, processes, and procedures with guidance and support from the Director of Information Security as well as enterprise architects and security engineers. The Analyst works actively with other IT staff as well as end-users and leadership from other departments to help determine information security requirements and deploy appropriate solutions that meet security best practices and recommendations.


Primary Responsibility

  • Assist in the identification, response, investigation, and remediation of potential breaches and issues surrounding data security.
  • Proactively identify security problems, monitor performance trends, perform upgrades and make recommendations to security hardware, software, processes, and procedures as required.
  • Monitor network, systems, and logs for events that could negatively impact the confidentiality, integrity, or availability of enterprise systems and data. Investigate and respond to all potential incidents in accordance with prescribed procedures.
  • Responsible for performing the following: Vulnerability Scanning, Penetration Testing, Network Monitoring, Log Review, Incident Response, Forensic Collections, Policy Review, and Configuration Review.
  • Assist with the evaluation of policies, processes, procedures, and technical controls for compliance with regulations and standards including HIPAA, PCI, NIST, NYDFS, ISO 27001 and other relevant requirements.

Requirements

About You

You offer clients the kind of security that will help them sleep well at night. You’re a creative problem solver, always thinking ahead and spotting risks. Like a digital detective, you uncover and prevent cyber threats to protect businesses from risks they may not even know they face. You’re as happy to work independently as you are supporting junior colleagues.


Your Skills

You have knowledge of technology security issues across all platforms and across all business units, including but not limited to networking, applications, Identity and Access Management, operating systems, cloud services, email gateway, Privileged Access Management, vulnerability management, database security, Data Loss Prevention, endpoint security and software development.


You’ve probably got a Bachelor’s degree or equivalent in Information Systems, Information Security, or another relevant field.

You have experience working with a variety of the following technologies and have acquired an advanced level of proficiency in a few.

· Firewalls

· Intrusion Prevention & Detection Systems (IPDS)

· Endpoint Detection & Response (EDR)

· Vulnerability Scanners

· SIEM / log management

· Have a deep understanding of networking and the inner workings of operating systems

· Have a deep understanding of adversary TTPs and the MITRE ATT&CK framework

· Knowledge of Microsoft Defender for Cloud, Cloud Apps, Endpoint, and Identity

· Knowledge of Microsoft Endpoint Manager, Intune, and Autopilot


Relation Insurance Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.