Sr Information Security Analyst

ABOUT THE JOB:

This individual is responsible for leading in the design, implementation and integration of advanced security operations solutions including but not limited to Identity and Access Management, Threat Management (i.e. Vulnerability Management, SIEM, and Incident Response) and Network Security.  The Sr Information Security Analyst will also provide technical security guidance to Application Development and Infrastructure teams.  Supports Information Security Engineer and Architects in strategic planning, new tool selection and process improvements.

WHAT WILL YOU DO IN THIS ROLE:

  • Design, Integration, and Management of Advanced Security Operations solutions including but not limited to Threat Management solutions (System, Network, and Application Vulnerability Management, SIEM and Incident Response) Identity and Access Management solutions, and Network Security solutions (Firewalls, IDS/IPS, VPNs, and Cloud Access Security Brokers).
  • Work with the appropriate IT Teams to create and maintain applicable security standards for IAM, Vulnerability Management, and IT systems such as Networks, Windows, Linux,Database, Endpoint Security, etc.
  • Maintain and Implement Incident Handling Plan, serve as incident responders performing initial forensics and incident handling capabilities and plan, coordinate, and perform security testing exercises such as Pen Testing and Tabletop Exercises.
  • Develop strategies to improve efficiencies using automation and orchestration solutions to reduce manual work that can be done programmatically.
  • Lead the creation and maintenance of documentation related to NCCI’s security framework, program, and standards where applicable to role

WHAT YOU NEED TO BRING TO THE ROLE:

  • Bachelor's degree and a minimum of 5 years of experience in a Sr. Information Security Analyst role with proven expertise in multiple aspects of security and IT operations
  • At least one advanced information security certification such as CISSP, SANS GIAC, CEH, etc.
  • In lieu of the degree, additional work experience and/or trade school or applicable certifications. Years of experience requirement can be offset with demonstrated NCCI knowledge of security solutions and proficiencies in various infrastructure platforms (e.g., window servers, Linux, etc.)
  • Advanced knowledge of Information Security concepts, principles, and practices
  • Advanced knowledge of security aspects for multiple operating systems, networking technologies, encryption technologies, and applications
  • Advanced knowledge of network security technologies such as Firewalls, VPN, IDS/IPS, Cloud Security, etc.
  • Advanced knowledge of Identity and Access management including Role Design, Campaign Design, Source System Integration, etc.
  • Advanced knowledge of continuous monitoring principles including threat management, SIEM, File and Database Activity Monitoring, and Incident Response
  • Intermediate knowledge of Secure Coding principles
  • Intermediate scripting experience with knowledge of programming languages such as PERL, Java, .NET, etc.
  • Detailed knowledge in multiple security domains inclusive of Security Management, Access Control Systems and Methodology, Network Security, Cryptography, Operations Security, Application and System Development Security, Threat Management and Incident Response.
  • Detailed knowledge of security control frameworks, standards, governance and security best practices.
  • Proven ability to work independently with guidance in only the most complex situations
  • Excellent organizational, planning, written and verbal communication skills.
  • Strong client facing skills with ability to deal and lead conversations with large technically diverse teams.
  • Organized, responsive and highly thorough problem solver with strong ability solve complex problems, analyze information, identify and assess risks and make tactical and strategic recommendations.
  • Experience driving measurable improvement in security operations and risk reduction within the organization
  • Excellent time management skills to aid in meeting specific goals and plans to prioritize, organize, and accomplish.
  • Proven learning agility and seeks to excel, be curious and adaptable
  • Ability to act as lead in managing security related projects and investigations.
  • Ability to maintain a high level of professionalism and confidentiality.
  • Ability to work well under pressure.
  • Ability to be on-call and work outside of regular business hours as needed

WHAT WILL MAKE YOU A MORE VIABLE CANDIDATE:

Additional advanced information security related certifications from SANS GIAC (Global Information Assurance Certification); ISACA, ISC2, etc.

WHAT'S IN IT FOR YOU:

• A competitive starting base salary plus a targeted annual performance bonus

• A phenomenal work environment, with perks including onsite restaurant and coffee shop, employee activities, onsite fitness center, and sports leagues

• A wonderful team of dynamic people to work with who are fun, caring and friendly

• A fantastic benefits package that’s hard to find in South Florida


WHO WE ARE:

Since 1923, NCCI has been committed to fostering a healthy workers compensation system. We are the nation’s trusted source for accurate, objective workers compensation information. We are the industry leader. At NCCI, we recognize that our employees are the reason our legacy endures today. We’re motivated by the opportunity to do challenging and interesting work, and our Total Rewards package attracts top talent. Our employees care about each other and the communities in which they live and work. Our values of integrity, respect, quality and excellence, responsibility, and commitment, guide our success.


We require a drug screen and background check.

EEO/Smoke Free environment