SpringfieldILRecruiter Since 2001
the smart solution for Springfield jobs

Senior IT Security Analyst

Company: Busey Bank
Location: Edwardsville
Posted on: January 16, 2022

Job Description:

Can work remotely in IL, MO, IN and FL.WHAT YOU'LL DOThe Senior IT Security Analyst is responsible for managing activities relating to monitoring and responding to security events. The analyst is responsible for monitoring application, host, and network threats, including external threat actors and rogue insiders. As a trusted member of the Information Security team and industry community, the analyst works closely with internal technical teams, business units, and external entities aligned with the business, including private intelligence-sharing groups, law enforcement, and government agencies.The analyst is responsible for conducting in-depth research, documenting threats, understanding the risk to the business, and sharing information with those who need to know. Analysts are expected to continually adapt to stay a step ahead of cyber attackers and stay up to date on the latest methods attackers use to infiltrate computer systems. Analysts in this role are expected to consistently learn and grow. This is not a passive career opportunity, but rather one that requires a passion for security and rigor to protect the business.WHAT YOU'LL BRINGKnowledge of:Proficient with SIEM, intrusion detection and prevention systems (IDS/IPS), threat intelligence platforms, and security orchestration, automation, and response (SOAR) solutions to centralize and manage the incident and remediation workflow. Ability to analyze incident logs, attack vectors, and understand vulnerabilities and exploits.Experience in incident handling and investigation including using formal chain-of-custody methods, forensic tools, and best practices.Applicable knowledge of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and CVSS.Capable of scripting in Python, Bash, Perl, RegEx, or PowerShell.Knowledge of one or more cybersecurity frameworks: Center for Internet Security (CIS), National Institute of Standards (NIST) or International Standards Organization (ISO).Experience in conducting risk assessments that protect the business and adhere with compliance and privacy laws.Knowledge of one or more compliance standards, including Payment Card Industry (PCI), Gramm-Leach-Bliley Act (GLBA)Familiarity with cloud architectures, standards, and practices.Ability to:Proven trustworthiness and history of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively with cross functional teams.Self-starter requiring minimal supervision.Excellence in communicating business risk and remediation requirements from assessments.Analytical and problem-solving mindset.Highly organized and efficient.Demonstrated strategic and tactical thinking.Stays current with the evolving threat landscape.Duties:Regularly research and identify emerging threats, TTPs in public and closed forums, and work with colleagues to access risk and implement/validate controls as necessary.Assist with Security Operations activities, including but not limited to, triage of alarms/alerts, and perform technical security assessments.Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).Automate repetitive tasks and drive efficiencies so analysts can work on more advanced tasks.Develop metrics and scorecards to measure risk to the organization, as well as effectiveness and efficiency of SOC associates.Partner closely with internal teams to improve tool usage and workflow, as well as mature monitoring and response capabilities.Provide support to business units launching new applications or infrastructure to verify that new products/offerings are not at risk of misconfiguration, compromise, or information leakage.Cross-train on other core security platforms (i.e. TVM administration, EDR, Web Security, etc...).Perform other duties as assigned.WHY IT MATTERSWith organizations constantly under attack, your role is essential to ensuring that Busey can quickly identify, respond, and recover from security events that may occur. The organization looks to Information Security to be knowledgeable of attacker TTPs, and then leveraging that knowledge to ensure that the organization has appropriate controls to mitigate risk and monitoring and alerting in place to detect events where security controls have failed.Information Security supports our business and ensures that we are taking on appropriate levels of risk. That can only be accomplished through maintaining working relationships across Busey business units and IT departments, evangelizing security, and ensuring that effective collaboration is occurring leading to Information Security's desired outcomes.EDUCATION & TRAINING(Preferred) Bachelor's degree in computer science information assurance, MIS or related field, or equivalent.On-the-job training in relevant roles relating to information security, threat and vulnerability management, system administration, or equivalent.Preferably, one of the following: Security+, CySA+, CRISC, CCRMP, or CISA; or willingness to pursue a certification or re-certification within the first six months of hire.At least 3-5 years' experience in information security administration, vulnerability management, security operations, or system administration.Busey believes that diversity and inclusion among our teammates is critical to our success as a company, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool.Equal Opportunity Employment is a priority for Busey and all qualified applicants will receive consideration regardless of race, color, religion, national origin, genetic information, sex (including pregnancy), age, sexual orientation, gender (including gender identity and expression), marital status, military status, veterans status, citizenship status, disability, order of protection or any other characteristic protected by applicable law or other non-merit based factors.

Keywords: Busey Bank, Springfield , Senior IT Security Analyst, Professions , Edwardsville, Illinois

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Log In or Create An Account

Get the latest Illinois jobs by following @recnetIL on Twitter!

Springfield RSS job feeds