Security Operations Lead Analyst
This position will be responsible for operational security responsibilities across Ascensus. The individual hired for this position requires a passion for data protection, strong problem solving and analytics, documentation, communication and organizational skills, collaborative abilities, self-motivation, innovation, efficiency and attention to detail. This position will be empowered to help guide our operational security program and have at least one associate reporting to them. Operational security reports to the Ascensus VP of Information Security & Compliance. Work location is flexible, however, preference for our Dresher, PA, Brainerd, MN, Newton, MA or Fargo, ND offices.
Essential Duties and Responsibilities:
• Lead the security operations team while also performing the responsibilities below around monitoring, response and management of solutions
o Accountability for team’s effectiveness and success
o Establish cross-training within team for availability of SecOps functions
• Security Event Monitoring & Response
o Monitor security events from sources including, but not limited to:
Network and web application firewalls
Applicable server and application security logs
Data Loss Prevention (DLP)
o Analyze events filtering for false positives
o Understanding of basic network services, vulnerabilities and attacks
o Respond to and escalate events
o Work with the security team to enhance processes & procedures
o Contribute to and maintain documented processes around monitoring & response
o Work closely with information security, IT, risk & governance and facilities teams.
o Periodically report on metrics
o Process phishing email escalations from Associates
o Correlate events with other known social engineering attempts
• Management of Security Solutions
o Build, manage and maintain tools including, but not limited to:
Web Application Firewall
Anti-Virus/Malware & Endpoint Protection
Web content filtering
File intergrity monitoring
Network Access Control (NAC)
o Maintain documentation around tools
o Champion the information security tool’s usage to maximize features
o Review access requests around content filtering, removable media and local administrative exceptions
• Work collaboratively with the various technology teams to accomplish security objectives
• Additional security experience may be gained depending on associate’s level of interest and availability:
o Assessing and selecting security vendors or solutions
o Identify emerging vulnerabilities and evaluate associated risks
o Assisting in incident response events
Security testing (vulnerability scans, aspects of ethical hacking/penetration testing)
Detailed configuration reviews
• Responsible for protecting, securing, and proper handling of all confidential data held by Ascensus to ensure against unauthorized access, improper transmission, and/or unapproved disclosure of information that could result in harm to Ascensus or our clients.
• The I-Client philosophy and the Core Values of People Matter, Quality First and Integrity Always® should be visible in your actions on a day to day basis showing your support of our organizational culture.
• Experience managing security tools noted above
• Experience with monitoring and response activities
• Knowledge of information security risks, at least technical aspects including working knowledge around remediation.
• Ability to lead, inspire and motivate associates on the team
• Ability to objectively review the team’s work, implement enhancements and monitor quality
• Strong written and oral communication skills. The ability to communicate effectively (clear, concise and professionally) with all levels within Ascensus.
• Highly organized and able to process and manage inventories of controls and findings.
• Excellent analytical and problem resolution skills.
• Self-starter and able to work independently.
• Persistence and strength to champion initiatives.
• 5-7 years of experience.
• Knowledge of networking preferred.
• Expert level proficiency in MS Office software applications, specifically Word, Excel and Power Point
• Bachelor’s degree or Associate’s degree plus equivalent work experience required.
• Security certifications welcomed.
We are proud to be an EEO employer M/F/D/V.
- Collaborative, idea-sharing environment
- Professional development
- In-house training
- Tuition reimbursement
- Generous reward programs
- Paid time off (additional purchase plan)
- Medical, dental & vision benefits
- Health savings account (employer contribution up to $1,100)
- 401(k) & 529 match programs
- Volunteer/charitable-giving programs
- Business casual dress