Job Description
- _Compliance Evidence Collection and Gap Remediation_
- Collaborate with Risk and Compliance personnel to gather evidence for Compliance requirements (SOC II, ISO 27001, PCI, NIST 800-53, etc.).
- Develop and implement processes for evidence collection, ensuring accuracy, completeness and timeliness in response to audit requests.
- Collaborate with stakeholders to address compliance gaps and implement corrective actions.
- _Security Incident and Event Management_
- Design, implement and maintain automated processes within the SIEM environment to enhance threat detection, incident response and log management.
- Collaborate with cross-functional teams to integrate security controls and enhance the overall effectiveness of the SIEM solution.
- Develop and maintain automated responses to common security incidents.
- _Technical Security Analysis_
- Incident Detection and Response
- Monitor SIEM alerts and investigate security incidents to determine the root cause and appropriate remediation actions.
- Automation
- Design, implement and maintain automated security processes to enhance efficiency and reduce response times.
- Vulnerability Management
- Prioritize and remediate identified vulnerabilities in collaboration with system owners and IT teams.
- Security Documentation
- Create and maintain documentation related to security policies, procedures and configurations.
- Collaboration and Communication
- Communicate security risks and findings to technical and non-technical audiences effectively.
- Build relationships with stakeholders across groups to understand needs and requirements and the associated notification process.
Qualifications
_Knowledge and Experience_
- Bachelor's degree in Computer Science (or similar) or an equivalent combination of relevant education and work experience
- SANS, ISACA or GIAC certification is an asset, but not required
- Knowledge of the following:
- Vulnerability management (scanning, reporting)
- SIEM - network and agent based (installation, operation, triage)
- Centralized log management
- Compliance frameworks (NIST 800-53, SOC II, ISO 27001, PCI-DSS)
- ITIL
- 2 or more years in an IT operations related position
- 1 or more years in an IT security related position is considered an asset
_Technology_
- Automation Languages: Python, Ruby, Bash, PowerShell
- O/S: Linux/Unix, Windows
- Security Technologies: IAM, MFA, H/NIDS, Traditional Perimeter and Endpoint security
- Cloud: Azure and/or AWS
- Software: MS O365
- Experience with Open-Source projects is considered an asset
_Soft Skills and Abilities_
- Critical thinking skills
- Analytical skills, problem-solving skills
- Interpersonal skills
- Communication, teamwork and collaboration
- Self-directed
- Growth mindset
_Mandatory Requirements_
- Must be legally eligible to work in the USA
- Must be fluent in English
Additional Information
CBN Secure Technology Inc. is an industry leader in Driver & Vehicle solutions for government entities. Our solutions enable U.S. State governments to issue the trusted physical and digital credentials (Driver Licence and Identification cards) that are relied upon by millions of people. CBN STI is the provider of choice for State governments who prioritize service and delivery excellence, a superior customer experience, and long-term value.
CBN STI's parent company, CBN, designs and develops industry leading solutions in these additional domains: Civil Identity, Border Security, Currency and Excise Control, and Lottery and Charitable Gaming. To learn more, visit .
_Equal Opportunity Employer Statement_
CBN STI is committed to achieving a skilled and diversified workforce that reflects the diversity of the population. We encourage applications from everyone, regardless of age, race, disability, gender identity, religion, sexual orientation, or marital status. We are also committed to developing inclusive, barrier-free selection processes and work environments. If contacted regarding this competition, please advise the interview coordinator of any accommodation measures you may require.