Overview
Responsible for the technical analysis and support of specific security products and/or systems (examples: IdM, NERC-CIP, IDS/IPS, Palo Alto… etc.). Focuses on the day-to-day operation of these targeted products/systems and escalated incident review.
Education/Experience
- 2 years of relevant work experience. Bachelor’s degree in IT, Computer Science or related field preferred.
- Working knowledge and/or demonstrated experience with security tools is required.
- 1+ years of experience with IdM, UBA, ATD, IPS/IDS, NERC/CIP controls is a plus.
- 1+ years of experience with network security scanning tools (Nessus, Qualys, ISS, etc.) required.
- 1+ years of experience with Microsoft Windows 10, 7 and XP operating systems is required.
- 1+ years of experience with Microsoft Windows Server 2008 R2, 2012 R2 or 2016 operating systems is required.
- 1+ years of experience with Network server / Active Directory (AD) administration is required.
- 1+ years of experience with any Linux distribution is desired; experience with CentOS is a plus.
- Hands-on technical experience and strong knowledge of security operations; ability to read and understand scripts; basic knowledge of languages such as JavaScript, Python, PowerShell and C#.
- Strong understanding of event analysis, incident response, threat intelligence, cyber investigation methodology and chain-of-custody requirements.
- Working knowledge of risk assessments, penetration testing, vulnerability analysis or disaster recovery.
- Working knowledge of firewalls; experience with Palo Alto firewalls is a plus.
- Working knowledge or prior experience with SIEM (Splunk preferred) and end-point protection (SCEP, Sophos, Bit9, Carbon Black) is a plus.
- Working knowledge of integrated MFA with OAuth or SAML technologies; 1+ years’ experience with ADFS or IDaaS preferred.
- Working knowledge and/or prior experience with Digital Rights Management is a plus.
Primary Responsibilities
- Operational day-to-day support of targeted security products/systems.
- Work on projects related to evaluating, testing, and deployment of new software systems/technology.
- Investigate, troubleshoot, analyze and resolve problems related to the IT security infrastructure as well as application and system problems escalated for senior level support.
- Monitor and audit security aspects of IT and product operations.
- Audit the First Solar AD structure to verify that only necessary rights and privileges are assigned.
- Participate in solution design reviews for applications, servers and networking.
- Assess escalated incidents from business departments or Security Team members.
- Ensure compliance with Quality, Environment, Health and Safety and Responsible Business Alliance policies and procedures.
- Undertake analytical activities and deliver analysis outputs in accordance with customer needs and security standards.
- Analyze business processes, identify alternative solutions, assess feasibility, and recommend new approaches; help establish requirements for changes in business processes.
- Investigate operational requirements, problems, and opportunities, seeking effective business solutions through improvements in automated and non-automated components of new or changed processes; identify acceptance tests with clients/users.
- Define scope and business priorities for small-scale changes and assist in larger scoping; elicit and document detailed requirements and ensure traceability; prioritize requirements with stakeholders.
- Specify and develop test scenarios to ensure updated processes deliver improved ways of working and deliver business benefits; record and analyze test results and provide user instructions.
- Apply data analysis and data modeling to establish or modify data structures.
- Review requirements and specifications, define test conditions, design test cases and scripts, map to criteria, and report outcomes; identify risks and issues.
- Discuss user experience and environment requirements to determine how complex products or systems will operate.
- Develop implementation plans for more complex change requests; evaluate risks to infrastructure, obtain approval, review change effectiveness, and contribute to change management procedures.
- Lead assessment, analysis, development, documentation and implementation of changes based on change requests.
- Identify and resolve issues with applications, using management tools to collect performance statistics and perform maintenance tasks.