IT Security Analyst 1

• Our core values represent who we are and who we are constantly striving to be. The Purple Guys provides comprehensive employment benefits, including health insurance, PTO, and 401K match.

Position Summary

The Security Analyst 1 will provide tactical level support for our clients and provide leadership and guidance to the Security Technicians. The role is responsible for client facing response and internal guidance to complete security related tasks. The Security Analyst 1 is also responsible for ongoing, continual trends and emerging threats, and provide oversite of the security stack.is responsible for reviewing and maintaining security compliance both internally and at clients. The Security Analysts 1 role is the primary point of contact for security related tasks such as vulnerability management, intrusion detection, compliancy, change management, and risk assessments. The Security Analyst 1 must keep up to date with the latest security bulletins and work closely with the proactive team to meet clients business objectives while keeping their environments secure from threats.

Essential Duties/Responsibilities:

• Manage Identification, prioritization, and remediation guidance of security risks.

• Research potential information security threats, industry trends, emerging technologies, and response alternatives.

• Participate in cross functional projects inside and outside of Corporate Security to ensure that security concerns are addressed throughout the project life cycle. Ensures security projects are delivered on time and on budget.

• Collaborate in the facilitation, analysis, execution, and governance for contracted security engagements, driving remediation with internal and external partners.

• Collaborate on approval, tracking and reporting any security exceptions as the need arises.

• With vCISO, perform IT Risk Assessments, identify risks, recommendations, and remediation

• Perform third-party vendor risk assessments

• Understanding of information security risks, threats, and controls including the ability to design effective controls that mitigate risk.

• Understanding of information security audit and assessment methodologies, policies, standards, procedures, and best practices.

• Understanding of core IT concepts and functions.

• Knowledge of information security standards, data privacy laws, computer crime laws, and federal data protection laws, etc.

Professional Development

• Routinely take self-paced training in technologies relevant to the team

• Obtain industry certifications on a consistent basis

Administrative

• Enter all notes and time worked on the appropriate service ticket

• Enter time worked on each ticket daily

• Schedule managed client reviews or other on-site matters via scheduling calendar in ConnectWise

• Enter expenses on service tickets for any related credit card purchases and submit receipts daily

• Submit time sheets on a weekly basis, due by Saturdays at 12P

Qualifications:

• 2 years' experience with incident detection and incident response

• 2 years' experience with network security hardware such as firewalls

• Experience configuring security in Microsoft 365 and Azure

• Industry certification such as Security+, CCNA Security, or CEH

Language Skills

• Ability to communicate professionally, in English, both written and orally

• Ability to write business correspondence and process procedures

• Ability to effectively present information and respond to questions from groups of managers, clients, and the general public

Certificates, Licenses, Registrations

• Valid Driver's License

Physical Demands

• Regularly required to use hands to operate computer keyboard and telephone

• Frequently is required to walk and sit

• Moderately required to stand

• Occasionally needs to lift and/or move up to 50 pounds

• Specific vision abilities required by this job include close vision, and ability to adjust focus

Commitment Limitations

• May not enter into any contractual arrangements with a client

Business Behavior/Anti-Trust

• Do not discuss proprietary information (Company's or client's) or business in general outside of work requirement

• Do not discuss company prices or terms of sale unless with client in act of performing job