NYSTEC has a job opening for an information systems security analyst. Are you ready to contribute to our engaged workforce and to deliver the NYSTEC Experience?
Department: Information Systems Security
Location: Rome, NY
Salary: $77,469 – $106,520 per year
NYSTEC is a nonprofit technology consulting company, advising agencies, organizations, institutions, and businesses since 1996. Our mission is to deliver extraordinary value through independent advisory services by understanding our clients’ needs and responding effectively to enable their success. We are independent and we are vendor neutral.
In other words, we have our clients’ best interests at heart.
At NYSTEC, we succeed when our individuals and teams flourish personally and professionally.
About the Information Systems Security Analyst Role
As an information systems security analyst in the Information Systems Security department, you will assist the deputy CISO in providing oversight and direction for developing and supporting NYSTEC’s information security initiatives. This position will interface with staff and management across all levels of NYSTEC, as well as with external business partners, to ensure that NYSTEC’s critical business functions and systems are secure and in accordance with best practices. In general, the information systems security analyst will execute all information security functions for the company in keeping with a perspective to mitigate risk and balance enhanced capacity and productivity.
Key Responsibilities: Information Systems Security Analyst
In the role of information systems security analyst, you will:
- Ensure security configuration compliance on requirements, including but not limited to HIPAA/HiTrust and state and federal regulations.
- Administer security toolsets, as well as assist in working with external security vendors and the NYSTEC technical systems team in defining the scope of internal and external vulnerability scans and penetration tests.
- Develop and deliver security awareness training for the organization.
- Assist with developing and implementing global security policies, standards, and procedures.
- Ensure the confidentiality, integrity, and availability of the data residing on or transmitted through the organization’s systems, applications, databases, and any other data repositories.
- Detect any unauthorized attempts to access the system.
- Collaborate with the technical services team and cross-functional departments to remediate security risks.
- Assist in performing information technology risk assessments.
- Provide recommendations for additional security solutions or enhancements to controls to improve the overall security and “defense-in-depth” strategy.
- Assist in the deployment, integration, and initial configuration of all new security solutions and any enhancements to security solutions in accordance with established best practices and standards.
- Research, develop, implement, test, and review the organization’s information security to protect information and prevent unauthorized access.
- Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and the development of new attacks or threat outbreaks. This should include continuation of education and certifications to maintain compliance with regulatory requirements and guidelines.
- Maintain documentation and evidence gathering for reporting and incident analysis.
Required Qualifications: Information Systems Security Analyst
Candidates applying for the information systems security analyst role should have the following knowledge, skills, and/or abilities:
- Proficient in Windows operating environment using Microsoft Office applications, email, and internet programs.
- Strong experience as an information security professional, with advanced experience developing, documenting, and driving the adoption of information security standards and procedures.
- Strong background with firewall products, intrusion detection systems, DMZ, IPSec, DNS, SMTP, HTTP proxies, etc.
- Knowledge of security best practices across multiple platforms, such as Microsoft Windows, Microsoft Office365, and Cisco IOS.
- Strong project management skills.
- Strong written and verbal communication skills, time-management skills, and the ability to prioritize tasks efficiently.
- Experienced in GRC tools—such as KnowBe4 KCM—to document risks, security exceptions, security incidents, policies, standards, and control procedures.
- Commitment to the NYSTEC Experience.
Preferred/Desired Qualifications: Information Systems Security Analyst
It would be helpful for candidates applying for the information systems security analyst role to have the following knowledge, skills, and/or abilities:
- CISSP or similar certification in information security preferred.
Education and Experience: Information Systems Security Analyst
For the information systems security analyst role, candidates should have the following education/experience:
- A minimum of a bachelor’s degree—preferably in cybersecurity or a similar discipline.
- Five years’ experience with security management frameworks (e.g., NIST, SANS, SCS).
An equivalent combination of education, training, and experience will be considered.
Equal Employment Opportunity (EEO)
It is NYSTEC’s policy to provide equal employment opportunity (EEO) to all individuals, regardless of actual or perceived race, color, creed, religion, sex or gender (including pregnancy, childbirth, and related medical conditions), gender identity or gender expression (including transgender status), age, national origin, ancestry, citizenship status, physical or mental disability, protected medical condition as defined by applicable state or local law, genetic information, military service and veteran status, sexual orientation, marital status, or any other characteristic protected by local, state, or federal laws and ordinances. NYSTEC is strongly committed to this policy and believes in the concept and spirit of the law.
Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please contact Talent_Management-Confidential@nystec.com if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
Applicants must be authorized to work in the United States without the need for visa sponsorship now or in the future.
Learn More about NYSTEC
If you’re an effective communicator who enjoys working in complex and collaborative environments, using your critical thinking and research skills to develop solutions for clients, and providing support to customers, we want to hear from you.
Do work that matters.