K2 Intelligence is adding a computer/IT security/cybersecurity/computer network defense analyst who will analyze and assess risks to home and private office IT systems and environments. Analyst will identify, document, and educate clients on data privacy, security standards, and best practices.
- Conduct vulnerability analysis and assessments.
- Audit privacy and security standards and communicate all related compliance issues/gaps to client.
- Assess threat and vulnerability information from all sources (both internal and external).
- Participate in security and privacy incident investigations, incident tracking, response plans, and activities related to security and privacy.
- Recommend improvements and enhancements to protect information and assets and ensure compliance with federal and state privacy and security regulations. Develop mitigation and remediation plans as a result of vulnerability assessment findings.
- Confer with users to discuss issues including, but not limited to, computer data access needs, security violations, and programming changes.
- Research best practice programs with specific emphasis on privacy and security.
- Develop, recommend, and implement best practices and procedures for protecting information, assets, and security. Provide feedback to managers on implementation and completion of new security and privacy standards and procedures for clients.
- Develop plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure.
- Participate in security and privacy training and education including development of security alerts.
- Bachelor’s degree in computer science, information assurance, information technology, or a related field
- At least two years of related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis and privacy procedures
- Previous experience in and proven methods for incident identification/analysis, escalation procedures, and reduction of false-positives
- Demonstrated experience with and application in establishing security controls to protect information systems consistent within the industry
- Demonstrated experience with and application of open- and closed-source resources within industry
- Specific experience in monitoring, evaluating, and interpreting vulnerabilities, CVEs, remedies, mitigation measures, techniques for escalation, social engineering tactics, phishing techniques, and performing vulnerability assessments
- One to two years’ experience or equivalent education/experience in information security, privacy, and disaster recovery
- One to two years’ experience or equivalent education/experience in security and/or IT auditing
- Knowledge of federal, state, and city regulatory agencies
- Advanced knowledge of Apple iOS and OS
- Advanced degree or certificate in cybersecurity
- Consulting experience a plus
- Time management
- Other relevant professional certifications in the field of IT security are a plus, such as:
- GIAC Certified Professional, Information Security Professional (GISP)
- GIAC Certified Intrusion Analyst (GCIA)
- ArcSight Certified Integrator/Administrator (ACIA)
- Cisco Certified Security Professional (CCSP)
- Certified Information Systems Security Professional (CISSP)
- ArcSight Certified Security Analyst (ACSA)
- Systems Security Certified Practitioner (SSCP)
In order for us to manage your application effectively, please include in the subject line of your email your full name, the role you are applying for, and the location of the role.