Information Security Analyst
Information Security Analyst
Are you a problem solver, explorer, and knowledge seeker – always asking, “What if?”
If so, you may be the new team member we’re looking for. Because at SAS, your curiosity matters – whether you’re developing algorithms, creating customer experiences, or answering critical questions. Curiosity is our code, and the opportunities here are endless.
What we do
We’re the leader in analytics. Through our software and services, we inspire customers around the world to transform data into intelligence. Our curiosity fuels innovation, pushing boundaries, challenging the status quo and changing the way we live.
What you’ll do
As an Information Security Analyst within Global Information Security, you will be responsible for helping protect SAS by developing and executing innovative security controls, defenses and countermeasures designed to help prevent internal and external attacks. Candidates should possess a diverse set of skills including automating security tasks, security architecture, security operations tool development, risk assessment, incident response, log analysis, consulting and providing guidance about best practices.
- Research attempted or successful efforts to compromise systems security, determines causes of security violations, and designs countermeasures.
- Routinely conduct security risk assessments on networks and systems and makes recommendations to management to improve security and avoid negative impact on the business caused by theft, destruction, alteration, or denial of access to information and systems.
- Maintain network security devices such as IDS/IPS, proxy servers, NGFWs, etc.
- Develop and maintain existing security operations tools.
- Respond to security incidents as part of the Incident Response Team.
- Evaluate new products as they are being considered and provides recommendations for usage.
- Research latest security best practices, staying abreast of new threats and vulnerabilities and helps disseminate this information to appropriate groups within the organization.
- Coordinate and execute security projects for the organization.
What we’re looking for
- 3+ years of demonstrable information security experience.
- Bachelor’s degree in computer science or related quantitative field.
- If not already certified as a CISSP, be capable of qualifying for and passing related certification exam.
- Ability to analyze and classify security events for remediation.
- Experience with log management/SIEM technologies and configuration.
- Experience automating tasks via various scripting languages (Python, PERL, PHP, and/or Shell).
The nice to haves
- Experience with securing cloud servers such as AWS, Azure, etc.
- Ability to communicate clearly, to both technical and non-technical audiences, risks, threats, and vulnerabilities identified during assessments.
- Ability to review and advise on policies, procedures, technical documentation and contract reviews.
- Ability to prioritize work and meet deadlines.
- UNIX and Windows system administration.
- Demonstrated understanding of TCP/IP networking.
- Knowledge of information security practices and procedures.
- Knowledge of risk management standards and procedures.
- Ability to utilize both manual and automated attack methods.
- We love living the #SASlife and believe that happy, healthy people have a passion for life, and bring that energy to work. No matter what your specialty or where you are in the world, your unique contributions will make a difference.
- Our multi-dimensional culture blends our different backgrounds, experiences, and perspectives. Here, it isn’t about fitting into our culture, it’s about adding to it – and we can’t wait to see what you’ll bring.
- And how about tuition reimbursement; a training budget for you to stay current with technologies; advanced certification options, and an onsite physical and virtual library of 8,000+ books, periodicals, CD audios, DVDs and other materials to further your self-studies.
To apply for this job please visit careers-sas.icims.com.