Information Systems Security Analyst

NYSTEC has a job opening for a consultant – quality assurance analyst. Are you ready to contribute to our engaged workforce and to deliver the NYSTEC Experience?

Department: Corporate Information Security
Location: Rome, NY
Salary: $77469 – $106520 Per Year

About Us

NYSTEC is a nonprofit technology consulting company, advising agencies, organizations, institutions, and businesses since 1996. We’re independent and vendor-neutral, so we have our clients’ best interests at heart. At NYSTEC, we know that we succeed when individuals and teams flourish personally and professionally, so our benefits and perks support that mindset. Are you ready to contribute to our engaged workforce and to deliver the NYSTEC Experience?

About the Information Systems Security Analyst Role

The information systems security analyst’s role is to assist the deputy chief information security officer (DCISO) in providing oversight and direction for developing and supporting NYSTEC’s information security initiatives. This position will interface with staff and management across all levels of NYSTEC, as well as with external business partners, to ensure that NYSTEC’s critical business functions and systems are secure and in accordance with best practices. The information systems security analyst will execute all information security functions for the company, in keeping with a perspective to mitigate risk and balance enhanced capacity and productivity.

Key Responsibilities: Information Systems Security Analyst

As an information systems security analyst, you will need to be prepared to:

• Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures).
• Maintain up-to-date baselines for the secure configuration and operation of all in-place devices, whether they be under direct control (i.e., security tools) or not (e.g., workstations, servers, network devices).
• Participate in investigations into problematic activity.
  Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.
• Provide on-call support for end users for all in-place security solutions.
• Ensure security configuration compliance on requirements, including but not limited to Health
• Insurance Portability and Accountability Act/Health
• Information Trust Alliance (HIPAA/HITRUST) and state and federal regulations.
• Administer and maintain security tool sets.
• Develop and deliver security awareness training for the organization.
• Collaborate with the technical services team and cross-functional departments to remediate security risks.
• Assist with performing information technology risk assessments.
• Provide recommendations for additional security solutions or enhancements to controls to improve the overall security and “defense-in-depth” strategy.
• Assist with the deployment, integration, and initial configuration of all new security solutions and any enhancements to security solutions in accordance with established best practices and standards.
• Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and the development of new attacks or threat outbreaks. This should include continuation of education and certifications, to maintain compliance with regulatory requirements and guidelines.
• Demonstrate the NYSTEC Core Values and Behaviors.
• All other duties as assigned.

About You

Required Qualifications Information Systems Security Analyst

What we are looking for in a information systems security analyst:

• Knowledge and Application: Develops professional expertise; applies company policies and procedures to resolve a variety of issues. Determines a course of action based on guidelines and modifies processes and methods as required.
• Complexity and Problem Solving: Works on problems of moderate scope, which are often varied and routine, where analysis of situations or data requires the review of a variety of factors. Exercises judgment within defined procedures and practices to determine the appropriate action. Applies learned techniques and contributes to analysis and investigation to solve problems. Normally receives little instruction on day-to-day work and general instruction on new assignments.
• Collaboration and Interaction: Builds productive internal/external working relations to resolve mutual problems by collaborating on procedures or transactions. Focuses on providing standard professional advice and creating initial reports/analyses for review by experienced team professionals.
• Knowledge of security best practices across multiple platforms, such as Microsoft Windows, Microsoft Office365, and Cisco IOS. Understands how sharing and permissions work within SharePoint.
• Familiar with open-source intelligence sites and how to apply them to perform security analysis.
  Strong written and verbal communication skills, time-management skills, and the ability to prioritize tasks efficiently.
• Employs good organizational skills to maintain documentation and evidence gathering for reporting and incident analysis.
• Displays confidence in asking questions and bringing attention to concerns that may arise.
• Exercises a high degree of confidentiality and integrity.
• Is team-oriented and skilled at working within a collaborative environment.
• Understands NYSTEC’s mission, brand mindsets, and core values and can put the behaviors into practice.
  Preferred/Desired Qualifications

Preferred/Desired Qualifications

The ideal candidate for the information systems security analyst role will have:

• Security+, certified information systems security professional (CISSP) or similar certification in information security

Education and Experience

The ideal candidate for the information systems security analyst role will have:

• Minimum of a bachelor’s degree – preferably in cybersecurity or a similar discipline – and two years of experience with security management frameworks (e.g., National Institute of Standards and Technology [NIST], SysAdmin, Audit, Network, and Security [SANS], SCS.

An equivalent combination of advanced education, training, and experience may be considered.

Equal Employment Opportunity (EEO)

It is NYSTEC’s policy to provide equal employment opportunity (EEO) to all individuals, regardless of actual or perceived race, color, creed, religion, sex or gender (including pregnancy, childbirth, and related medical conditions), gender identity or gender expression (including transgender status), age, national origin, ancestry, citizenship status, physical or mental disability, protected medical condition as defined by applicable state or local law, genetic information, military service and veteran status, sexual orientation, marital status, or any other characteristic protected by local, state, or federal laws and ordinances. NYSTEC is strongly committed to this policy and believes in the concept and spirit of the law.

Reasonable Accommodations

Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please contact HR-Confidential@nystec.com if you require a reasonable accommodation to apply for a job or to perform this job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

Work Authorization

Applicants must be authorized to work in the United States without the need for visa sponsorship now or in the future.

Learn More about NYSTEC

Interested in NYSTEC’s culture and values? Find out what it’s like to be a NYSTECer.

Apply Today

If you’re an effective communicator who enjoys working in complex and collaborative environments, using your critical thinking and research skills to develop solutions for clients, and providing support to customers, we want to hear from you.

Do work that matters.

Start Your Application