Information Security Analyst
The Information Security Analyst assists in the administration, maintenance, development and/or implementation of policies and procedures to ensure the security and integrity of all information systems and business functions. The individual in this position performs regular operational security functions and plays key role in supporting security audit and ongoing compliance-related activities.
Primary position responsibilities:
- Provides technical expertise, support and review to the infrastructure and development teams on the implementation of Cass’ information security technical controls, including network, application, workstation and server requirements.
- Maintains existing security tools, including, but not limited to Firewalls, Security Information and Event Management (SIEM), vulnerability scanning tools, e-mail gateways/spam filters, and anti-virus/malware. Evaluates new products and strategies, and make recommendations for improvements where possible.
- Performs regular vulnerability assessments, providing specific guidance to infrastructure and development personnel on exposures and remediation requirements.
- Performs patch management and vulnerability remediation activities.
- Works as a part of the Incident Response Team to respond to, assess, and remediate security incidents as needed.
- Develops communications and related campaigns for information security awareness among all staff within all business units and offices.
- Assists in maintaining network security policy, standards, processes, and procedures.
- Provides coordination for performing security audits and creation of documentation and remediation plans.
- Performs system log monitoring and reporting. Monitor system logs and alerts and provide first level response in determining the severity of alerts and escalating them to management.
- Serves as lead for small technical security projects. This includes communicating across technical organizations and creating discrete design, testing, and deployment plans.
- Other duties as assigned.
Knowledge and minimum requirements:
- Strong analytical skills, to analyze technical security events and respond appropriately.
- Strong technical knowledge of Microsoft Windows Operating Systems.
- Strong knowledge of networking fundamentals including TCP/IP, Routing and Switching.
- Strong technical knowledge of hacking fundamentals: Exploitations, Escalations, Evasion, Rootkits, etc.
- Advanced knowledge of security technologies. (Firewalls, IDS, A/V, etc.)
- Knowledge of cyber incident management processes.
- Strong written and verbal communication skills.
- Ability to train others on security concepts.
- Demonstrated ability to work effectively with a team.
- Bachelor’s degree in Computer Science, Information Security or related field.
- 2-4 years of experience in Information Security.
- GSEC or other relevant security certifications are highly desirable.
Please apply directly to this position via the “Apply” button. You will be required to create an account and provide your resume, contact information and other pertinent employment information. This process typically takes 20 minutes or less. Should we find that you meet the minimum requirement of the position, a member of our recruiting team will be in touch to start the interview process.
About our company:
Cass Information Systems is the nation's leading provider of payment and information services for Corporate America’s freight, utility, waste and telecom expenses. We are a business-to-business solutions provider focused on invoice processing, payment, auditing and business intelligence services. We are strongly committed to providing consistently high-quality service to our customers and deeply committed to the welfare and professional growth of our staff.