Sr. Security Analyst - Neptune
Duluth, GA 30026
About the Job
Position Summary
As the Security Analyst, you will be responsible for ensuring the organization is effectively designing, developing, and implementing security compliance controls and solutions. You will engage with stakeholders throughout the organization, and throughout the Product Lifecycle to ensure that standard security practices are followed and implementing risk mitigations where required. The position will work closely with IT Operations, Information Technology, Commercial Software, and Engineering, along with the business to ensure there is a consistent and common approach to implementation of security and compliance management activities.
Responsibilities:
Security Operations and Risk Management
- Collaborate with cross-functional teams to implement compliance initiatives and security controls
- Lead Security projects from ideation through deployment/delivery, while supporting day to day Security Operations
- Support Neptune’s Security Operations Center (24x7x365) on overall event and incident management activities
- Ensure security requirements are implemented within various stages of the Software/System/Product lifecycle process
- Working with various product management teams from design to build phases
- Work closely with teams to Pen Test new features within software, products, infrastructure
- Work with teams to validate and address vulnerability and threat findings from analysis partners and tools
- Research upcoming IT trends and make security recommendations
- Perform security reviews of software/product/infrastructure designs to assist developers in ensuring quality and robustness of our software and products
- Engages in Disaster Recovery Planning/Testing to ensure all risks and potential threats have been mitigated
- Leads analysis and review of security events conducted throughout the company
- Leads exploration of practical security solutions to address emerging threats and compliance requirements, including design and implementation of recommended solutions
- Supports ongoing compliance activities and monitoring efforts across applicable Regulations and Standards
- Effectively deliver technical security issues to non-technical management
Requirements
Education/Experience:
- Typically requires a bachelor's degree (or international equivalent) and 6+ years of relevant experience.
Preferred Qualifications:
- Bachelor's degree, preferably in Cybersecurity, Computer Science, or equivalent.
- 5+ years of infrastructure/network security, application security, security assessment
- Experience in 2 or more of the following areas – Incident Response, Vulnerability and Patch Management, AD Security, Disaster Recovery, Device/OS Hardening, Forensics, PKI encryption and authentication, Security engineering, Cloud Security, Security Standards – NIST/SOC/ISO27001, SIEM management, Security assessments
- IT experience - infrastructure, networking, and/or software development
- Professional certifications such as Security+, CASP+, CySA+, GIAC or ISC2 certifications.
- Ability to take ownership of your areas and actively improve our security posture
- Experience working with outsourced organizations and third-party vendors preferred
- Advanced written and verbal communication skills
- Strong problem-solving skills
- Strong analytical skills and the ability to understand and document complex technical or business process data flow
Travel Requirements: Typically requires overnight travel less than 10% of the time.
Location: Duluth, GA, Tallassee, AL
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)
Information Systems