The Security Analyst is responsible for monitoring and oversight of several security technologies. The security analyst provides services and support across a diverse range of business applications, while adhering strictly to compliance and operational risk controls in accordance with regulatory standards, and Darden’s policies and practices. The position requires a high degree of technical proficiency and familiarity with software, system and network security issues in large enterprise environments.
ROLES AND RESPONSIBILITES:
- Monitor multiple security technologies, such as vulnerability scanning solutions, IDS/IPS, anti-virus technologies, DLP capabilities, SIEM technologies, host forensics and malware analysis, web application firewalls and proxy solutions.
-Monitor and process Service Desk queue as well as triage tickets appropriately
-Maintain Cybersecurity Service Desk queue compliance based on established SLAs
-Participates in development and implementation of information security procedures; recommend security guidelines and safe practices for company-wide computing and networking systems.
-Reviews, updates, and enforces data security practices within the corporate and restaurant systems environments; tests for exposures to ensure adherence to guidelines and procedures, and works with platform experts to implement remedial measures as appropriate
--Develop and maintain standard operating procedures to reflect day-to-day security operations.
-Tests security controls and manages the associated remediation of any deficiencies as needed
-Research and evaluate emerging technologies in support of security technology enhancements
-Assists in developing responses to internal & external audits, penetration tests and vulnerability assessments.
-Performs other duties as assigned
REQUIRED TECHNICAL SKILLS:
-Minimum 3-5 years in the information security field
-Hands on experience with mitigating security controls (i.e., anti-virus, IPS/IDS, DLP, web and network proxies, URL content filtering, multi-factor authentication, SSL VPN’s) and how they work in an overall defense in depth risk assessment methodology.
-Solid understanding of network, workstation, and server security configuration
-Experience supporting information security design concepts, including testing and implementation of security technology enhancements.
-Knowledge of regulatory compliance regulations (PCI, SOX, PII)
-Must be able to effectively interact with other teams across the organization
-Ability to manage multiple tasks along a parallel process
-Bachelor’s degree in Computer Science, Information Technology, or a relevant field, or equivalent experience.
OTHER KEY QUALIFICATIONS:
-Strong interpersonal and consultative skills
-Ability to effectively prioritize and execute tasks in a high pressure environment
-Excellent written & verbal communication skills
-Excellent technical documentation skills
-Excellent presentation skills
-Experience working in a team-oriented, collaborative environment
-Experience leading and supporting technical teams
-Strong work ethic
-Demonstrated initiative and ownership
-Demonstrated ability to effectively interact professionally with a diverse group of people at all levels of the organization.
PREFERRED SKILLS AND EXPERIENCES:
-Minimum of one current technical certification (e.g., CISSP, CEH, GIAC, GSEC, Security+)