WHAT DOES AN INFORMATION SECURITY ANALYST DO?
Published: Aug 28, 2025 - The Information Security Analyst supports IT compliance efforts by monitoring adherence to internal policies and external regulatory requirements at the federal, state, and local levels. This role maintains and analyzes compliance metrics, dashboards, and audit reports to ensure accurate visibility and actionable insights for stakeholders. The analyst also conducts control assessments, identifies deficiencies, and recommends improvements to enhance the effectiveness of IT processes and internal controls.

A Review of Professional Skills and Functions for Information Security Analyst
1. Information Security Analyst Duties
- Security Monitoring: Monitor, triage and respond to SIEM, UEBA and EDR alerts for client security events
- Incident Investigation: Investigate and resolve faults or abnormal behavioral scenarios on MSS products
- Change Management: Research and implement customer-generated change requests for MSS products
- Case Escalation: Generate incident cases and escalate to superordinate teams in accordance with time and severity-based SLAs
- Infrastructure Maintenance: Perform tasks associated with the installation, turn-up and maintenance of CenturyLink security infrastructure
- Skills Development: Participate in company-sponsored job-related activities plus training to further develop management and technical skills
- Vendor Assessment: Review and complete vendor security assessments, data classification, and risk acceptance processes
- Metric Reporting: Maintain established regular security metric reporting
- Vulnerability Scanning: Maintain and improve established vulnerability scanning, static application security testing (SAST), and other software component analysis (SCA) tools and processes
- Cloud Environment: Focus on a Linux-driven, JS/JVM environment on AWS cloud-based architecture
2. Information Security Analyst Details
- On-call Support: Perform on-call duties for Fusion Watch response during off-hours as part of TD's incident and event management process
- Information Sharing: Engage with information sharing teams to create non-technical communication materials
- Stakeholder Notification: Inform critical stakeholders on emerging events that have or may have an impact on TD to ensure consistent information is gathered and shared with appropriate stakeholders
- Audience Communication: Communicate to impacted teams and key stakeholders using appropriate language targeted to the audience
- Incident Coordination: Facilitate timely engagement and coordinate incident response with core Fusion Centre partners during active information security events/incidents, by facilitating calls, taking minutes and tracking action items
- Readiness Assessment: Engage key stakeholders to conduct a detailed internal assessment of TD's readiness against a scenario experienced by the external party
- Playbook Management: Establish and maintain Fusion Watch communication and coordination playbooks (for internal incidents and external 'celebrity' events), and a comprehensive list of Fusion Centre partners required for response
- Communication Products: Contribute to the development and delivery of Fusion communication products
- Stakeholder Engagement: Build and maintain relationships with business units and key stakeholders
- Policy Compliance: Adhere to policies, procedures, technology control standards and regulatory guidelines
- Process Review: Contribute to internal activity and process review, and flag opportunities for improvement
- Issue Escalation: Assess, identify and escalate issues appropriately
3. Information Security Analyst Responsibilities
- Tier 3 Support: Responsible for providing tier 3 support for security operations
- Security Monitoring: Responsible for managing 24x7 security monitoring, investigation of incidents, process improvements and proactive threat hunting
- Threat Investigation: Perform investigation and escalation for complex or high-severity security threats or incidents
- Analyst Mentorship: Serve as an escalation resource and mentor for other analysts
- Tool Administration: Administer security toolsets supporting Security Operations
- SIEM Development: Work with SIEM Engineering and other security partners, developing and refining correlation rules
- Task Coordination: Work on complex tasks assigned by leadership, which may involve coordination of effort among Level 1/2/3 analysts
- Evidence Management: Coordinate evidence/data gathering and documentation and review of Security Incident reports
- Report Development: Define and assist in the creation of operational and executive reports
- Tool Requirements: Define tool requirements to improve SOC capabilities
4. Information Security Analyst Job Summary
- Risk Identification: Participate in identifying security risks companywide and ensure that appropriate data security procedures and products are implemented
- Policy Awareness: Maintain an awareness of bank security policies and government regulations about information security
- Security Review: Review the development, testing, and implementation of security plans, products, and control techniques
- Standards Development: Develop and implement security standards, procedures, and guidelines for multiple platforms and diverse systems environments
- Incident Investigation: Investigate and recommend appropriate corrective actions for data security incidents
- Regulatory Monitoring: Identify regulatory changes that will affect information security policy, standards, procedures, and recommend appropriate changes
- Security Consulting: Provide security consulting and project management services on highly complex information security projects and issues
- Issue Resolution: Collaborate and consult with peers, colleagues, and managers to resolve issues and achieve goals
- Customer Interaction: Interact with internal customers
- Independent Judgment: Receive direction from leaders and exercise independent judgment while developing the knowledge to understand function, policies, procedures, and compliance requirements
5. Information Security Analyst Accountabilities
- Security Auditing: Expand security auditing and ensure the proper ongoing operations of security tools
- Internal Security: Provide internal information security for other business and IT projects
- Secure Configuration: Identify, document, and implement secure configurations and architectures
- Policy Implementation: Oversee information security processes and implementation of policies
- Security Metrics: Responsible for monthly security metrics to ensure that the proper service levels are maintained
- Critical Approvals: Provide additional coverage for approvals and notifications to other IT groups for critical time-sensitive operations including firewall changes, password reset approvals, and application vetting
- Access Reviews: Conduct ongoing reviews of access controls by investigating improper access, revoking access, reporting violations, monitoring requests, and recommending improvements
- Incident Leadership: Provide technical leadership for incident response capabilities including malware analysis, breach investigation, and remediation efforts
- Privacy Consulting: Provide internal consulting on Privacy matters including GDPR
- Technology Assessment: Maintain awareness of industry trends and their advantages with the ability to make recommendations for improving technology used by the firm
- Contract Negotiation: Assist in negotiations of software licensing and support agreements
- Project Management: Participate in and/or manage cross-functional team projects to implement new or updated technology
- IT Cross-Training: Cross-train other IT staff in the use or maintenance of technology
- Knowledge Transfer: Provide information security knowledge transfer to other IT staff and business
6. Information Security Analyst Functions
- Security Support: Provides support for security solutions during and after business hours
- Standards Compliance: Adheres to and ensures methodologies follow technical standards
- Process Documentation: Maintains security process documentation
- Technical Engineering: Technical engineer for information security solutions
- Cross-Functional Innovation: Work cross-functionally across security engineering to drive innovation
- Metrics Monitoring: Track and monitor key metrics
- Client Partnership: Develops partnerships with business clients
- Subject Expertise: Maintains expertise to function as a subject matter expert in multiple security areas
- Regional Contact: Be the Information Security single point of contact and representative in the ASML Chandler region for any Information / Customer security-related topics or issues
- Risk Championing: Build excellent working relationships with ASML Business units, championing security risk management within the assigned region
- Risk Mitigation: Assess and mitigate the risks associated with the ASML regional network, systems and processes to provide a safe and secure environment
- Risk Register: Develop and maintain the Information Security Risk register
- Regional Support: Assist the Sector Risk Managers (SRM) in understanding the regional security requirements and risks from regional offices, customers, and suppliers to obtain mutually agreed upon solutions
- Security Awareness: Evangelize Information Security policies and raise Security awareness knowledge to foster an attitudinal change in Security knowledge, process, and requirements
- Incident Response: Support ASML Cyber Defense Organization (CDO) activities and ensure 7/24/365 response on any major IT security incidents in the region
7. Information Security Analyst Job Description
- Threat Identification: Work collaboratively with the BFS Business and Technology stakeholders to identify new and emerging threats facing the BFS business
- Risk Analysis: Analyse the potential risk exposure and identify any potential gaps in current governance and control frameworks for remediation
- Framework Alignment: Partner with key technology stakeholders to identify opportunities to leverage and/or augment centrally provided security governance and control frameworks
- Governance Coordination: Coordinate periodic security governance requirements including senior management reporting, security control framework revisions, etc.
- Third-Party Assessment: Assess the information security posture of potential and existing third-party partners and the subsequent risk to BFS
- Security Reviews: Undertake and support detailed information security reviews of existing third-party partners
- Risk Mitigation: Support the development and implementation of pragmatic risk mitigations to minimize residual security risks associated with third-party partners
- Security Expertise: Provide subject matter expertise on security risks to vendor managers and the BFS Vendor Management Office
- Assurance Review: Review vendor-supplied independent assurance documentation and support vendor managers to understand and minimise residual risk exposures
- Risk Monitoring: Operationalize processes for monitoring and reviewing security risk via platforms such as SecurityScorecard and external information feeds
- Client Relationship: Maintain strong relationships with internal clients and teams whilst driving acceptable risk outcomes for the organisation
8. Information Security Analyst Overview
- Risk Assessment: Assess the information security risks in accordance with NISP and local regulations and collaborate with global CIS to drive remediation of vulnerabilities and risk gaps
- Incident Analysis: Analyze cyber security events and incidents, then follow Nike processes to report, remediate, and recover
- Vendor Compliance: Perform risk assessments on partners and vendor connections and enforce their compliance with Nike’s security requirements
- Security Advocacy: Become an advocate of Nike's information security procedures, policies, processes, and standards as a mechanism to enable the business to operate effectively while managing risks appropriately
- Risk Visibility: Identify, document, and elevate visibility of information security risks, where business direction creates potential for exposure to employee, athlete, and business-sensitive data streams
- Program Alignment: Perform regular review of KISP against NISP and make relevant updates to ensure their alignment
- User Training: Train users and promote security awareness across the board to help maintain a high level of system security and improve IT controls to protect Nike’s assets
- Privacy Collaboration: Collaborate closely with Legal and Privacy to ensure that security measures are considered appropriately throughout the lifecycle of systems and solutions
- Recovery Planning: Develop the territory-specific DR plan and support tech teams to evaluate its efficacy in liaison with CIS TRM team
- Control Review: Perform regular security reviews on IT controls in place, e.g., PII data management, security settings in the systems, network, etc.
- TechOps Coordination: Work closely with the Korea TechOps team to ensure all IT systems and resources are well covered by global security solutions
- ISMS Assessment: Liaise with CIS and global technology operation teams to perform the yearly assessment to maintain the Korea ISMS
- Trend Monitoring: Stay current on information security technologies, trends, standards, and best practices
9. Junior Information Security Analyst Details and Accountabilities
- User Management: Create, modify, and delete user profiles in various systems
- Documentation Update: Create and modify documentation related to user profile management (e.g., request processing, procedure update)
- Customer Support: Provide customer service via phone, e-mail and various ticket management systems (Polish and English)
- Team Cooperation: Cooperate with technology and other teams on requests and issues related to user profile management
- Project Execution: Complete simple projects end-to-end
- Task Scheduling: Complete project tasks according to the schedule
- Problem Solving: Solve problems and initiate corrective action plans
- Meeting Participation: Participate actively in project meetings
- Team Communication: Ensure proper communication between team members
- Stakeholder Engagement: Engage in special projects representing the Chief Information Security Office and work directly with Business/Technology and Operations stakeholders
- Compliance Review: Periodic review of External data transfers and their compliance with Citi standards
- Incident Response: Follow pre-defined actions to investigate security incidents or perform incident response actions, including escalating to other support groups
- Task Management: Execute daily ad hoc tasks or lead projects
- Call Coordination: Participate in or lead daily and ad-hoc conference calls
- Process Documentation: Create, update or provide process documentation, or provide requested evidence for compliance and controls requests
10. Cyber Information Security Analyst Tasks
- Security Operations: Conduct the full spectrum of operational security support, maintaining an in-depth cybersecurity posture, and providing security program implementation reports
- Access Management: Process access requests, plan and manage user accounts, domain groups, accounts, alt tokens and other accounts used to access key system components
- Access Review: Conduct periodic reviews of access lists, revoking access
- Cryptography Compliance: Maintain awareness and comply with DoD and industry standards and technologies used for cryptography and maintain certificates and infrastructure used to secure system data
- Incident Handling: Respond to security incidents and provide incident notification and handling via specific government-directed policies
- Log Monitoring: Monitor systems, applications, and logs to identify potential unauthorized access attempts via specific government-directed policies
- Vulnerability Assessment: Conduct vulnerability assessments and provide comprehensive scans and audits of complete security boundaries including all network and computer-related assets, policies, and processes, to maintain the required system security posture
- Mitigation Strategy: Review, analyze, and develop vulnerability mitigation strategies for all IAVA, IAVB, and OPDirs and implement vulnerability corrections
- Breach Response: Respond to major computer security breaches and viruses, with a focus on forensic analysis and understanding of recent intrusion events
- Penetration Testing: Conduct offensive penetration testing, simulating current adversaries’ tactics and tools, and advise on how to ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure
11. Information Security Analyst Roles
- Risk Assessment: Follow the Security Risk Assessment process to assess security risk within HL across multiple business processes, functional areas, and IT systems
- Approval Oversight: Approve within delegated limits risk assessments and 3rd party due diligence assessments that have been carried out by junior analysts and apprentices
- Security Research: Research and report on security-related topics such as threats and regulations
- Team Supervision: Supervise the work of junior analysts and apprentices, and provide guidance
- Secure Design: Help the Senior team members embed the principle of secure by design throughout the business
- Project Engagement: Engage with the SDLC process and project teams and represent InfoSec
- Security Training: Participate in a cybersecurity awareness and training program
- Audit Support: Assist with ongoing compliance and third-party security audits such as pen tests and PCI-DSS
- SIEM Operation: Design, implement and operate a SIEM/SOC/SOAR tool
- Intrusion Detection: Configure and monitor intrusion detection systems
- Incident Response: Identify, contain, remediate and recover from all cybersecurity incidents
- Threat Intelligence: Perform proactive threat intelligence analysis
- Data Protection: Protect data from accidental or unauthorized modification, destruction, or disclosure
- Emergency Processing: Adheres to emergency data processing needs
- Policy Violation: Reviews violations of security procedures
- Violation Training: Provides training to ensure violations do not recur
- Access Control: Monitors and restricts access to sensitive, confidential, or other high-security data
12. Information Security Analyst Additional Details
- Vault Management: Employee Identity Access Management role supporting the HashiCorp Vault application
- ITSM Management: Proactive management of ITSM activities to maximize customer experience and increase the overall value of supported applications/functionalities
- Business Support: Provide business support for security applications for identity, authorization, and policy management in a multi-tiered infrastructure
- Risk Assessment: Implement risk management procedures, perform security threat assessments
- Access Control: Manage user identities and access, and drive compliance with security policies
- Defect Resolution: Drive defect resolution through design and development of simple, reusable, service-enabled, maintainable, and scalable security solutions that meet business requirements and comply with information security policies
- Team Partnership: Partner with peers and other internal identity access management teams
- Governance Alignment: Ensure delivery of services aligns with governance controls and support requirements
- Project Delivery: Interlock with cross-functional teams and deliver global projects, working with regional offices
- On-call Support: Provide support off shift and be available for on-call support out of standard working hours
- Security Research: Research new methodologies to improve security and development practices
- Employee Coaching: Coach junior-level employees on application processes and security best practices
13. Information Security Analyst Essential Functions
- Alert Response: Review and respond to alerts/logs generated by the security tools
- Incident Tracking: Capture and track security incidents and ensure all threats are resolved in line with policies
- Risk Communication: Communicate risk to both technical and business-oriented teams
- Awareness Activities: Conduct and champion Security Awareness activities
- Security Review: Perform Security reviews to detect anomalies and ensure compliance with security policies and procedures
- Policy Management: Review and update security policies, procedures and forms
- Application Risk: Assess the risks associated with the introduction of new applications, hardware, networks and other communication channels and propose necessary controls
- Third-party Assessment: Perform a third-party risk assessment and define required security controls
- Customer Assurance: Ensure fulfillment of customers' information security expectations
- Data Protection: Coordinate all efforts related to personal data protection
14. Information Security Analyst Role Purpose
- Network Monitoring: Operates and monitors network intrusion detection and prevention sensors and other information security monitoring infrastructure
- Threat Intelligence: Collects, assesses, and reports upon relevant threat intelligence / actionable security information and appropriately modifies tactical operations
- Alert Analysis: Performs analysis and response to Tier I and II security-relevant alerts and events
- Traffic Assessment: Assesses network traffic patterns and session data for indicators of malicious activity with assistance
- Incident Response: Plays a strong supporting role in prompt and effective response to information security incidents
- Vulnerability Remediation: Performs operational assessment, prioritization, and remediation of enterprise vulnerabilities and exposures
- Report Delivery: Generates, edits, and delivers reports derived from security tools and GSOC activities
- Investigation Support: Support of forensic investigations and penetration testing activity
- Cloud Security: Supports the automation and improvement of the overall cloud security posture at Asurion
- Audit Remediation: Assists with executing remediation plans for any gaps reported in audits or recommended process improvements that affect core information security services
- Knowledge Update: Updates job knowledge by tracking and understanding emerging security practices and standards
- Professional Development: Participates in educational opportunities and reads professional publications
- Network Engagement: Maintains professional networks and participates in professional organizations
15. Information Security Analyst General Responsibilities
- SSP Development: Develop and support maintenance of System Security Plans (SSP) and related security documentation for internal systems
- Audit Preparation: Prepare for, participate in, and support security certification and NIST-800-53-based compliance audits (FISMA, FedRAMP, 800-171, CMMC, etc.)
- Evidence Collection: Gather or coordinate the collection of necessary evidence
- Assessment Execution: Conduct NIST SP 800-53A assessments on internal systems through personnel interviews and documentation review
- Compliance Review: Determine compliance with policies and procedures, recommend corrective actions, and prepare findings reports
- POA&M Tracking: Create POA&Ms and track associated mitigation
- Vulnerability Review: Review and process monthly vulnerability scan results for assigned systems and work with the technical teams to ensure vulnerabilities are resolved on time
- SLA Monitoring: Track SLAs on audit and continuous monitoring findings
- Project Management: Self-manage assigned projects, report status, issues and recommendations for success
- Incident Investigation: Investigate potential or actual information security violations and incidents and identify areas or issues requiring IT security-related research and development efforts
- SOC Certification: Facilitate the process to conduct periodic re-certifications of all SOC tasks and process documentation
- Issue Resolution: Resolve basic technical security issues to determine the root cause and implement corrective action with an appropriate level of assistance
- Documentation Maintenance: Maintain up-to-date Incident Management Team technical documentation, procedures and workflows to assist in performing event and incident investigations
- Tool Testing: Execute test cases on security administration tools used by SOC to perform security investigations
- Process Improvement: Identify opportunities to improve the efficiency and effectiveness of SOC processes and procedures
- Security Advising: Advise business unit managers, the IT team, and the user community of the security controls to be implemented, ensuring a balance between operational and information security needs
- Contingency Assessment: Conduct security assessments, risk analyses and assess contingency plans for Vanguard computer facilities, telecommunications capabilities, and installations to verify the existence and effectiveness of safeguards, as a member of the information security team
16. Information Security Analyst Key Accountabilities
- Cyber Transformation: Supporting global, regional and country-level cyber transformation projects, initiatives and ad-hoc activities to uplift, mature and align the APAC technology security control environment
- BaU Management: Manage and support Technical Security BaU activities (Security tools, solutions and processes, Regional IT and Infrastructure function liaison and alignment)
- Infrastructure Integration: Help ensure regional IT infrastructure integrates and complements global security solutions, ensuring global requirements are met
- Global Alignment: Ensure global alignment and support structure in line with the Global CISO operating model for regions, e.g., Anti-Virus, Firewall, DLP, IPS, PAM, Web Proxy
- Team Engagement: Ensure Technology teams are engaging and aligned with central teams and functions
- Local Compliance: Support local tools and requirements where the need arises, ensuring compliance with Chubb policy and standards
- Process Assessment: Conduct assessments of existing security operational processes and recommend changes to associated policies, standards, controls and procedures
- Firewall Oversight: Support assurance review over IT-requested Firewall rule changes across the region, ensuring challenge and oversight
- Vulnerability Management: Support regional Vulnerability management activities, ensuring globally aligned scanning and reporting services are embedded and consumed in the APAC region
- Security Governance: Support Security governance through regular meetings with APAC IT teams to highlight and maintain focus on the regular resolution of infrastructure-related vulnerabilities
17. Information Security Analyst Roles and Details
- VMS Reporting: Work with Vulnerability management tooling to extract and produce ad-hoc reporting
- Report Customization: Customise and share VMS reports to the line of business in addition to base reporting
- Threat Mitigation: Maintain awareness of emerging vulnerabilities and act to mitigate threats and remediate vulnerabilities
- Security Testing: Support Security testing activities that may involve the APAC region (red teaming, purple teaming)
- Penetration Support: Support and advise Technology teams from the Security perspective on penetration tests, and application scanning vulnerability findings
- Remediation Review: Review suggested remediations to ensure appropriateness and issue resolution
- Incident Response: Support the Regional and Global Information Security team to respond, analyse and support during a security incident and work closely with the local technology teams and IT system engineers, as well as the Chubb SOC, to resolve the incidents
- Post-Incident Review: Participate in post-incident reporting and propose enhancements to the systems and IT infrastructure to close the security gaps
- Process Testing: Coordinate periodic testing of information security-specific processes, such as incident response plans
- Issue Tracking: Help the RISO team track and maintain a central view of technical security gaps and issues in the regional Issue register
- Risk Remediation: Help ensure that risk remediation plans are in place with relevant parties to achieve compliance with security requirements and mitigate identified risks to an acceptable level
- Regulatory Support: Support the RISO in the assessment and response to technical cybersecurity-related aspects highlighted in notices, circulars and guidance arising from APAC regulators
- Security Principles: Defines and documents relevant information security principles and practices, and delivers timely reports on relevant information security metrics
- Security Insights: Provide management with insights around the region in relation to Information Security matters
18. Information Security Analyst Responsibilities and Key Tasks
- Security Architecture: Participate in the planning and design of enterprise security architecture under the direction of the Chief Information Security Officer
- Governance Documentation: Participate in the creation of information security governance documents (policies, standards, baselines, guidelines and procedures) under the direction of the Chief Information Security Officer
- BCP Planning: Participate in the planning and design of the Agency's Business Continuity Plan and Disaster Recovery Plan, under the direction of the Chief Information Security Officer
- Industry Awareness: Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors
- Security Research: Research and recommend additional security solutions or enhancements to existing security solutions to improve the overall security posture of the Agency
- Solution Deployment: Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically
- Baseline Maintenance: Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, when under direct control (i.e., security tools) or support when not (i.e., workstations, servers, network devices, etc.)
- Configuration Management: Maintain operational configurations of all in-place security solutions as per the established baselines
- Solution Monitoring: Monitor all in-place security solutions for efficient and appropriate operations
- Log Review: Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.)
- Activity Resolution: Interpret the implications of that activity and devise plans for appropriate resolution
- Activity Investigation: Participate in investigations into problematic or suspicious activity
- Security Testing: Participate in the design and execution of vulnerability assessments, penetration tests and security audits
- On-call Support: Provide on-call support for Information Security Incident Response activities
- Staff Training: Inform and train staff members on their responsibilities concerning information security procedures
- Regulatory Compliance: Support the administrated processes to maintain compliance with regulatory obligations (e.g., PCI DSS)
- Asset Compliance: Assist with ensuring that agency technology assets, systems, services, and facilities are compliant with information security procedures
- Awareness Outreach: Participate in ongoing information security education, awareness and outreach activities
- Threat Monitoring: Monitor threat intelligence and other available information to proactively enhance the Agency's security posture
19. Information Security Analyst Duties and Roles
- SOW Management: Partners with IT and business units to create, document and monitor Managed Services statements of work
- Control Implementation: Ensures detection and mitigation controls are implemented
- Incident Response: Responds to violations following incident management processes and reports out to management
- Architecture Design: Works with IT Platform, Application, System and Network teams to create Logical, Physical and Data architecture diagrams
- Behavior Normalization: Normalizes endpoint behavior, data access and network traffic
- Monitoring Procedures: Implements security monitoring and documents standard operating procedures for the Incident Management Team
- Orchestration Support: Works closely with Cyber Security Operation teams to build and maintain security orchestration, playbooks and automation
- Process Automation: Identifies opportunity areas to increase efficiency and automates manual processes
- Procedure Updates: Creates and updates standard operating procedures and reports out to management on efficiency gains
- Monitoring Configuration: Implements security monitoring rules, reports and dashboards while maintaining best practices to ensure maximum security tool efficiency
- Event Analysis: Monitors security systems, analyzes events and investigates security-related incidents
20. Information Security Analyst Roles and Responsibilities
- Threat Modeling: Creates Threat Hunting models for Endpoints and Network Traffic
- Endpoint Analysis: Analyzes endpoints, including logging, EDR, IPS and DLP tools
- Network Analysis: Analyzes network monitoring including IPS, WAF, PCAP and Netflow tools
- Incident Handling: Focuses on critical systems within the client’s network to detect, respond and handle incidents related to unauthorized activity, malware, and APTs
- Progress Communication: Keeps management within the department informed by communicating progress, issues, concerns and opportunities
- Security Notification: Assesses and immediately notifies manager of any potential information security breach and security issues that may hurt business operations
- Process Improvement: Identifies opportunities to improve the quality, efficiency and effectiveness of the department as well as the processes that affect the divisions and the enterprise
- Dashboard Awareness: Maintains an awareness of the department's dashboard and provides suggestions to improve performance
- Intelligence Identification: Identifies Tactical Intelligence relevant to clients' systems
- Response Coordination: Works with Incident Management and Threat Management to follow incident response procedures and ensure proper detection and mitigation controls
- Threat Escalation: Escalates internal threat issues to the Insider Threat Team
21. Information Security Analyst Duties
- SIEM Expertise: Serve as a deeply skilled and knowledgeable resource for the corporate SIEM
- Alert Response: Analyze and respond to alerts generated by the SIEM, and tune the SIEM to reduce false positives
- Rule Creation: Create custom rules in the SIEM, and advance the capabilities of the SIEM to make it a more effective enterprise security solution
- Incident Documentation: Document and track security incidents and breaches using the corporate GRC platform
- Dashboard Development: Develop dashboards and metrics to help track the current state of security tooling
- Program Advancement: Use these artifacts to guide advancements to the corporate security program
- Playbook Creation: Create playbooks that describe standard incident response procedures and the operation of security tooling
- Tool Operations: Work with security engineering personnel to take over operational duties for new and existing security tools deployed to the environment
- Process Automation: Recommend and implement ways to automate the incident response process through the corporate SIEM/SOAR platforms
- Forensic Investigation: Conduct advanced computer and network forensic investigations relating to various forms of malware, computer intrusion, theft of information, denial of service, data breaches, etc.
- Gap Remediation: Assist clients in identifying and remediating gaps as identified throughout the investigation
- Client Guidance: Provide clients with guidance and advice regarding cyber incidents, forensics, and incident response
- Report Writing: Document findings and create well-written reports
- Operational Support: Perform operational support of information security technology
- Project Delivery: Complete project tasks to enable the on-time, within budget and scope delivery of information security projects
- Security Communication: Present new and existing information security information to the workforce and management
- Process Development: Develop an incident response process and procedures
22. Information Security Analyst Details
- Risk Assessment: Understand technical implementation details necessary to identify and assess security risks and recommend mitigating controls
- Compliance Oversight: Participate in the development and oversight of required corrective action plans relating to security compliance issues
- Audit Support: Support business relationships with the internal and external security auditors and regulators
- Requirement Evaluation: Identify, research and evaluate new compliance requirements and ensure they are incorporated into SimplePractice’s security policy framework
- Policy Communication: Support the communication of policies, procedures, and plans to internal stakeholders regarding security and compliance best practices around applicable laws, regulations and controls
- Control Remediation: Support the identification, validation and remediation of information technology controls
- Regulatory Compliance: Responsible for Data Security Standards (HITRUST and PCI), regulations governing personally identifiable information (PII) and other applicable regulatory compliance frameworks
- Program Alignment: Partner with internal teams to ensure successful security programs that align with compliance requirements
- Stakeholder Needs: Understand the security needs of internal and external stakeholders around external business partners and maintain a process that meets stakeholder needs
- Program Management: Manage daily activities and functions of the external business partner management program
- Assessment Coordination: Coordinate and drive business partner security assessment activities for both inbound and outbound relationships
- Risk Mitigation: Lead assessments of business partner security risk, develop mitigation plans, and work with internal stakeholders to assign monitoring responsibility
- Annual Assessment: Prepare and complete annual risk assessments and assist with regulatory and accreditation audit preparation
- Partner Selection: Support business partner selection on significant sourcing decisions and reassess security risk for business partners before contract renewal
23. Information Security Analyst Responsibilities
- Audit Execution: Perform audits and vulnerability assessments
- Security Communication: Ensure communication and escalation of security activities to leadership, and assist in the development process and operating procedures
- Vulnerability Strategy: Help develop and implement a vulnerability identification and remediation strategy to limit compromise
- Device Hardening: Assist in standard device hardening guidelines and policies
- Vulnerability Resolution: Assist in troubleshooting, diagnosing and resolving vulnerabilities
- Policy Enhancement: Review and enhance security policies that cover physical and logical access to systems and the management of private data
- Risk Assessment: Perform IT risk assessments, incident investigations, root cause analyses, and forensics
- Compliance Alignment: Partner with internal teams to ensure successful security and compliance programs that align with client and regulatory compliance requirements
- Control Evaluation: Evaluate risks that the applicable vulnerabilities pose to the organization and understand the technical implementation details to assess and recommend security control improvements or identify mitigating controls
- Deficiency Remediation: Assist with the remediation of control deficiencies identified during the audit process
- Incident Response: Develop an incident response process that effectively prioritizes by highest risk
- Mitigation Solutions: Develop technical solutions to help mitigate security vulnerabilities
- Security Engineering: Perform security engineering for complex, multi-platform systems, datacenters, GCP and multi-cloud environments
- SIRT Participation: Participate in the Security Incident Response Team (SIRT) activities, helping SIRT to detect, respond, contain, eradicate and recover from security incidents promptly, within the Cloud Operations and Corporate IT environments
24. Information Security Analyst Job Summary
- Alert Review: Using specialized tools, review alerts generated by intrusion detection systems as well as logs produced by multiple types of systems
- Incident Tracking: Open and track incidents based on suspicious alerts and/or logs in accordance with the intervention protocol of each client
- Vulnerability Tracking: Track vulnerabilities found on the infrastructure of clients using vulnerability detection systems
- Scan Scheduling: Assist with the identification and recommendation of solutions related to the scheduling of the scans
- Network Monitoring: Monitor the networks of clients using remote monitoring and intrusion detection infrastructure
- Infrastructure Availability: Ensure the availability of said infrastructure and recommend solutions that would improve the security posture of the clients
- Monthly Reporting: Produce the required monthly reports
- Support Response: Answer and respond to calls for support
- System Evaluation: Contribute to the evaluation of intrusion detection systems in the pre-production environment
- Anomaly Detection: Identify and report anomalies and/or suggest improvements to the remote monitoring solution
- Traffic Analysis: Reviews and analyzes network traffic and threat logs to identify and detect intrusions, anomalous conditions, scanning activities, and security violations within the company’s environment and at enterprise perimeters
- Tool Proficiency: Research and maintain proficiency in open source and commercial exploitation tools
- Automation Development: Develop and implement scripts, tools and techniques to automate exploit prevention, detection and response
- Forensic Analysis: Performs event and Incident Investigations and Forensic Analysis to determine the root cause and identify Indicators of Compromise for threat intelligence additions
- Threat Intelligence: Reviews new and ongoing threat intelligence reports for applicability within the environment and updates internal watch lists for monitoring and alerting within the SIEM
- Scan Analysis: Analyze completed vulnerability and compliance scans, report any missing devices or network subnets with absent or incomplete scan results
25. Information Security Analyst Accountabilities
- Escalation Support: Serve as an escalation resource for SOC analysts
- Incident Response: Perform Incident Response for security threats or incidents
- Correlation Development: Work with SIEM Engineers and other security partners, developing and refining correlation rules
- Task Execution: Work on complex tasks assigned by the SOC management
- Evidence Coordination: Coordinate evidence/data gathering and documentation for Security Incident reports
- Procedure Improvement: Provide recommendations for improvements to incident playbooks, procedures, and monitoring
- Emergency Response: Provide emergency response as a member of CSIRT or as an escalation as part of a 24/7 on-call rotation
- Alert Support: Operational support for information security tool alerts, triaging, and maintenance
- Security Operations: Execute on information security activities such as vulnerability management, application development security, business continuity, networking and risk management
- Forensic Response: Perform first-level incident response and computer forensics activities
- Control Assessment: Assess security controls and evaluate the security posture of the organization's internal controls
- Third-party Evaluation: Evaluate third-party relationships for compliance with organization security standards
- Program Development: Collaborate with the IT department and Business colleagues to develop security programs as an SME
- Trend Research: Researches security trends, new methods, and techniques used to preemptively eliminate the possibility of system breach
- Security Expertise: Serve as Subject Matter Expert (SME) on information security-related projects and initiatives assigned
- Confidentiality Maintenance: Maintain confidentiality on all sensitive security matters
26. Information Security Analyst Functions
- Event Monitoring: Monitor, analyze, and triage security events to ensure the maintenance of a strong security posture
- Incident Support: Provide Incident Response support when actionable security incidents are identified
- Tool Evaluation: Evaluate and leverage security-focused products (such as application security scanners, endpoint security, vulnerability management, data loss prevention, etc.)
- Vendor Assessment: Assist with 3rd party security assessments for new and renewing vendors
- Risk Review: Conduct security reviews to assess technical and business risk
- Posture Improvement: Recommend ways to improve and update the security posture
- Configuration Review: Work closely with the IT teams to review configurations, hardening, and controls in diverse environments
- Threat Knowledge: Maintain strong knowledge of recent security vulnerabilities, attack vectors, attack methods, and remediation techniques
- Standards Development: Develop security standards and best practices for the whole organization
- Alert Investigation: Investigate alerts and respond to incidents
- Security Inquiry: Respond to security inquiries from staff, customers, and third parties
- System Maintenance: Help deploy and maintain security systems relating to vulnerability management, endpoint detection and response (EDR), intrusion detection and prevention
- IAM Support: Help deploy and maintain security systems relating to identity and access management, e-mail security, cloud security, deception technologies, etc.
- Script Development: Develop scripts to quickly parse data or automate tasks
- Web Scanning: Conduct web application vulnerability scans
- Incident Liaison: Acting as a liaison between Information Security, Product Development, Legal, Human Resources, Managed Services, and other teams during security incidents
- Audit Response: Respond to security assessments/audits from customers or business partners
27. Information Security Analyst Job Description
- Regulatory Expertise: Provide subject matter expertise related to NIST CSF, NIST 800-53, ISO27001, PCI DSS, SOC 1, SOC 2, and other information security regulations
- GRC Services: Establish, maintain, and mature GRC services as a primary or backup service owner (e.g., Risk Management, Policy Management, etc.)
- Risk Process: Help establish a common risk management process including risk identification, analysis, decision-making, scoring, treatment planning, and tracking
- Risk Reporting: Prepare risk management metrics and reporting
- Risk Planning: Work with DriveTime technical and business professionals to determine appropriate risk treatment decisions and plans
- Tool Identification: Identify governance, risk, and compliance (GRC) tools to manage a list of external authoritative sources, information technology controls, corporate policies and procedures, vendor management systems, and risk management workflows
- Audit Preparation: Prepare internal and external audit evidence
- Law Proficiency: Maintain proficiency with applicable laws, regulations, and standards
- Meeting Facilitation: Conduct internal risk and compliance meetings as a subject matter expert
- Document Maintenance: Draft and maintain compliance documents (e.g., policies, standards, procedures, etc.)
- Best Practice Adoption: Coordinate the adoption of information security best practices throughout the enterprise
28. Information Security Analyst Overview
- SIEM Monitoring: Monitor and analyze data using SIEM products and security dashboards
- Risk Analysis: Interpret log data to identify potential risks
- Mitigation Execution: Plan, facilitate, and perform mitigation activities
- Alert Response: Investigate security alerts and notifications for potential threats
- Risk Prioritization: Prioritize mitigation efforts based on risk assessment findings
- Vulnerability Remediation: Prioritize and address remediation tasks from vulnerability scans
- Remediation Planning: Plan, coordinate, and execute remediation efforts
- Vulnerability Impact: Assess the impact of new vulnerabilities on the SOS environment
- Control Assessment: Review existing security controls and identify potential gaps
- PCI Compliance: Lead and oversee all PCI compliance activities
- SAQ Responsibility: Manage the completion of the annual PCI Self-Assessment Questionnaire (SAQ)
- Assessment Tracking: Track and manage quarterly PCI vulnerability assessments
- Proactive Planning: Collaborate with leadership and technical teams to develop and implement proactive security strategies
- Vendor Liaison: Serve as the primary point of contact with the firewall vendor on behalf of SOS
29. Information Security Analyst Details and Accountabilities
- SIEM Analysis: Use a SIEM product/security dashboards to view and analyze data
- Log Interpretation: Interpret log data to determine risk
- Task Mitigation: Plan, facilitate, and perform mitigation tasks
- Alert Investigation: Investigate security alerts and notifications
- Risk Prioritization: Prioritize mitigation tasks identified in risk assessment reports
- Scan Remediation: Prioritize remediation tasks identified in vulnerability scans
- Task Remediation: Plan, facilitate, and perform remediation tasks
- Vulnerability Awareness: Understand how new vulnerabilities may affect the SOS environment
- Control Review: Review security controls and analyze possible gaps in the SOS environment
- PCI Oversight: Lead oversight for PCI compliance
- SAQ Management: Responsible for annual PCI SAQ
- Assessment Tracking: Responsible for tracking quarterly PCI vulnerability assessments
- Security Planning: Work with leadership and technical staff to plan and execute proactive security plans
- Vendor Liaison: Point of contact for SOS in working with the firewall vendor
30. Information Security Analyst Tasks
- SLA Monitoring: Meet service level agreements (SLAs) regarding response time and customer notifications
- KPI Management: Assist with and define both team and service key performance indicators (KPIs)
- Client Coordination: Work with clients and tools vendors to address all security-related issues
- Investigation Coordination: Coordinate security investigations based on internal processes and procedures
- Control Implementation: Assist customers or facilitate the implementation of protective and mitigating security controls
- Tool Management: Manage the security tools, performing add, change, and delete operations within them
- Request Fulfillment: Handles the fulfillment of all security requests and calls from the user
- Incident Resolution: Drives resolution as it relates to customer-facing incidents and change management
- Security Contact: Provides a central contact point for implementation, architecture and problem management for managed security applications (Firewall, IDS, Encryption, SIEM, EIQ, Web filtering)
- Vulnerability Scanning: Scan system devices for vulnerabilities according to compliance policies (Nessus)
- Incident Response: Initiate security incident response including tracking and recovery actions
- Event Analysis: Analyze and validate the network and hosts based on Intrusion Detection System events
- Change Management: Maintain knowledge and understanding of service and change management
- Response Coverage: Monitors SLAs for responsiveness and coverage
- Service Reporting: Provide regular reports and statistics for service line management
- On-call Support: Participate in an on-call rotation
- Team Guidance: Provide oversight and guidance to junior team members as it relates to the Security realm
- Process Improvement: Document and create process improvements when gaps are/have been identified
- Emergency Support: Participate in an on-call rotation to provide emergency support
31. Information Security Analyst Roles
- Security Strategy: Planning, implementing and measuring an effective and compliant Ciklum IT Security Strategy
- ISO Compliance: Supporting compliance with the ISO 27001 Standard
- Policy Development: Creating and continuously improving the policies and procedures
- Standard Improvement: Develop and improve Ciklum security standards and blueprints
- Risk Assessment: Conduct information security risk assessment and treatment planning
- Control Implementation: Implementation and continuous improvement of security controls
- Audit Coordination: Coordinating internal, certification and supervisory audits
- Penetration Support: Supporting IT infrastructure vulnerability and penetration testing
- Security Review: Regularly conduct security reviews and audits of server and network equipment configurations and physical security measures
- Event Monitoring: Security events monitoring, analytics and reporting
- Access Audit: Audit of access matrix and controls
- Patch Verification: Verify appropriate patch management across the IT Infrastructure
- Endpoint Standards: Continuously develop endpoint security standards
- Incident Management: Information security incident response, investigation, escalation and reporting
- Security Awareness: Develop a security education and awareness programme
32. Information Security Analyst Additional Details
- Incident Monitoring: Monitors and responds to potential security incidents, service requests and requests for information
- System Administration: Performs basic administration of Information Security Systems
- Awareness Program: Monitors and manages the Information Security Awareness program operations
- Script Execution: Executes security systems test scripts under the direction of a Senior Analyst
- Report Preparation: Prepares system security reports by collecting, analyzing and summarizing data and trends
- Control Recommendation: Works with Senior Analysts to make recommendations for mitigating controls
- Patch Monitoring: Monitors and analyzes Patch Management Systems activity reports
- Knowledge Tracking: Updates job knowledge by tracking and understanding emerging security practices and standards
- Professional Development: Participates in educational opportunities, reads professional publications, maintains personal networks, and participates in professional organizations
- BCP Documentation: Assists in the development, production and maintenance of BCP/DR materials and documentation (e.g., plans, emergency response procedures, call lists, test results, etc.)
- Crisis Support: Works with the Senior Analyst to assist with crisis management in the event of a business interruption
- Ownership Mentality: Enhances department and organization reputation by accepting ownership for accomplishing new and different requests
- Team Contribution: Participates in and leads proactive team efforts to achieve departmental and company goals
- Value Adoption: Adopts Fairway values in personal work behaviors, decision making, contributions and interpersonal interactions
- Work Culture: Contributes to a positive work environment by demonstrating cultural expectations and influencing others to reward performance and value "can do" people, accountability, diversity and inclusion, flexibility, continuous improvement, collaboration, creativity and fun
33. Information Security Analyst Essential Functions
- Privacy Development: Working with business-side privacy officials, develop and implement privacy policies and practices for new/emerging technologies
- Law Analysis: Analyze privacy laws and regulations, maintain established privacy practices and revise and recommend safeguards or PII reduction methods to policy makers and personnel
- Compliance Activities: Conduct regular privacy compliance activities in accordance with government laws and regulations
- Breach Response: Respond to privacy data breaches from discovery to closure and recommend future mitigation techniques
- Training Delivery: Develop and deliver annual privacy awareness training to employees
- Policy Advisory: Analyze privacy laws, mandates, regulations, and policies
- Impact Analysis: Advise on potential impacts to the business unit's programs and activities
- Routine Compliance: Perform routine privacy compliance activities in accordance with appropriate laws
- Privacy Reporting: Prepare periodic privacy reports and assist other offices in the completion of their privacy reports
- Policy Review: Review and recommend updates to privacy policies and procedures
- Database Management: Manage privacy-related reporting databases
- Event Monitoring: Monitor external events involving privacy that may raise concerns with the organization's systems
- Incident Coordination: Coordinate with other offices in responding to and mitigating privacy data incidents or breaches
- Risk Assessment: Perform other security risk assessment and audit tasks, e.g., conducting security scans, auditing systems, and preparing reports
- Business Development: Assist with business development activities, such as proposals, capture, account teams, whitepapers, conferences, and/or other thought leadership materials
34. Information Security Analyst Role Purpose
- Policy Development: Assess policy requirements and develop policies and procedures for integrating Assurance in Software Engineering (ASE) into acquisition phases and sustainment of AF weapon systems
- Plan Coordination: Plan, develop, and coordinate ASE policy development and plans for weapon system Platform Information Technology (PIT) covering various aspects
- Cyber Integration: Coordinate policy development for the integration of Cyber Resiliency into software supporting operations throughout the lifecycle of AF weapon systems
- Policy Review: Review existing and proposed policy documents related to Cyber Resiliency and ASE
- ASE Expertise: Provide expertise in ASE, particularly for weapon system Platform Information Technology (PIT) and Embedded Systems, to enhance cybersecurity and resiliency of operational software
- Software Consistency: Ensure consistency in security and resiliency software across operational systems and align with system-level requirements, CONOPS, and architectures
- Technical Review: Review technical approaches of programs to identify opportunities for improving cybersecurity and resiliency in PIT and Embedded systems
- Program Evaluation: Review acquisition programs for integration and technical changes that enhance software security and resiliency
- Contract Review: Work with the contracts review team in reviewing and redlining security clauses in customer contracts
- Term Negotiation: Negotiate security terms with customers
- Query Response: Review and respond to customer security queries, questionnaires and risk assessments
35. Information Security Analyst General Responsibilities
- Strategic Design: Participates with the client in the strategic design process to translate security and business requirements into technical designs
- System Validation: Configures and validates secure systems and tests security products and systems to detect security weaknesses
- Vulnerability Analysis: Performs network scanning and vulnerability analysis
- Security Compliance: Ensures that the appropriate security features and safeguards have been implemented on all information systems as required by DoD/IC policy and directives, and industry best practices
- Device Maintenance: Performs defense device system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of all implemented, maintained, and deployed systems
- Certification Testing: Provides security certification test and evaluation of assets, vulnerability management and response, security assessments, customer support and guidance on security issues
- Security Planning: Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information
- Control Assurance: Ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure
- Breach Response: Respond to computer security breaches and viruses
36. Information Security Analyst Key Accountabilities
- Project Leadership: Working as an SME on a variety of different projects across the organisation, ranging from large acquisitions through to initiatives that touch technology, people and processes
- Security Guidance: Serve as a security expert on change programmes, providing guidance and support to enable change delivery teams to comply with enterprise and technology security policies, industry regulations and best practices
- Risk Alignment: Support deliveries with robust risk assessment/mitigation and ensure that they align to the appropriate technology change framework and that solutions meet the relevant operating principles, to protect the Business, whilst continuing to deliver change
- Requirement Identification: Identify appropriate security requirements through a deep understanding of the business requirements and security control environment for each phase of a project or change initiative
- Technology Evaluation: Undertake technology evaluations and provide recommendations for the security aspects of new applications
- Security Design: Working with the IT solutions team to detail the security design into project templates
- Stakeholder Awareness: Ensure all stakeholders are aware that global and local requirements are met, with the skillset to influence change at all levels
- Risk Prioritization: Conduct risk analysis and contribute to the prioritisation of information security initiatives based on risk and business need
- Option Articulation: Weigh business needs and security concerns, make recommendations and clearly articulate options (including benefits and risks) to business partners, decision makers and key stakeholders
- Risk Communication: Communicate known security risks and solutions to mitigate risks to business and technology partners
- Incident Support: Assist with the investigation and operational support of the information security incident management processes
- Solution Integration: Ensure solutions are fully integrated into business-as-usual activities
- KPI Delivery: Ensure regional KPIs and KRIs are defined and delivered
- Expertise Maintenance: Maintain current expertise in information security technology, methodology, tools, threats/vulnerabilities, news and regulatory changes, emerging security trends, issues and threats
- Security Acceptance: Work with Project Management to ensure that projects have met all Security / Production acceptance criteria before design and implementation into production
- Risk Leadership: Provide leadership within a framework of prudent and effective controls that enable risk to be assessed and managed to fit within the Organization's agreed risk appetite
37. Information Security Analyst Roles and Details
- PCI Compliance: Obtaining and retaining full PCI-DSS compliance across the estate, brands and territories
- Training Standards: Maintaining PCI-DSS education and training standards to accepted levels
- Security Innovation: Bring innovation to how threats are identified and responded to, and to how payment card information is managed and secured
- Stakeholder Engagement: Demonstrate continuous improvement in ways to engage and communicate with key stakeholders
- Subject Expertise: Maintaining and improving Information Security subject matter expertise
- System Monitoring: Monitor and analyze systems for indication of security incidents
- Incident Handling: Initiate security incident handling procedures and create incident handling reports
- Log Analysis: Perform log correlation and analysis
- Tool Maintenance: Provide maintenance and reporting for various security tools including vulnerability management solutions, SIEM, UTMs, HIDS, etc.
- Event Simulation: Design and deploy simulated security events as part of a security awareness training program
- Control Monitoring: Support continuous monitoring programs in Cloud and Corporate environments to ensure control activities are operating effectively
- Process Documentation: Document security processes and operational tasks
- Technology Evaluation: Analyze and evaluate new technologies
38. Information Security Analyst Responsibilities and Key Tasks
- Policy Monitoring: Monitor adherence to Security Governance Policies and Compliance Best Practices
- Standards Adherence: Acknowledgement and adherence to Technical Security/Privacy Standards
- Technical Assurance: Provide technical assurance skills around IT and Security
- Audit Support: Provide support for all external audits such as SSAE 16, HIPAA, HITRUST, NIST, PCI and more
- Access Review: Perform all access reviews at a set regular interval
- Documentation Maintenance: Maintain client security documentation by making regular scheduled reviews and updates
- Mailbox Monitoring: Maintain and monitor shared mailbox activities, triage incoming queries, and work with relevant product owners to provide accurate responses to clients
- Stakeholder Interaction: Interacting with diverse stakeholders including external service providers, IT project managers, systems administrators, and sales executives
- SAQ Support: Provide support to sales executives in answering security assessment questionnaires (SAQ) relating to RFIs and RFPs
- Development: Self-motivated to learn new skills, technology, and industry security best practices
39. Information Security Analyst Duties and Roles
- Security Maintenance: Maintaining the security level and integrity of BASF’s implemented security technology stacks as a mitigation strategy against cybersecurity threats
- Control Implementation: Plan, implement and upgrade security measures and controls
- Improvement Planning: Address necessary improvements in the organization
- Threat Remediation: Maintain the security level by implementing automated or manual measures such as system containment and remediation of security threats
- Control Currency: Ensure all security mitigating controls are current with any software or hardware changes
- Team Collaboration: Work with Solution Architects and DevOps Teams across the company by communicating potential flaws in the security of their systems
- Security Recommendation: Recommend changes that will improve the security footprint of BASF
- Gap Documentation: Creating documentation to help close security gaps
- Assessment Execution: Perform Security Assessments with administrators and internal business partners for company-owned endpoints such as mobile and workplace devices as well as the corresponding workplace infrastructure
- Policy Reporting: Develop reports for related and process-involved stakeholders on the efficiency of implemented security policies, and recommend any changes
- Threat Research: Proactively perform security research by utilizing public and internal Threat Intelligence Office (TIO) information
- Status Evaluation: Evaluate the security status of IT implementations across segments of the organization
40. Information Security Analyst Roles and Responsibilities
- Governance Execution: Work within the Information Security and Privacy department to implement/execute governance and compliance processes
- Control Oversight: Provide oversight and reporting on key controls and risk management measures, including Data Loss Prevention
- Risk Assessment: Initiate and review security risk assessments and gap analysis of systems and third parties
- Ongoing Monitoring: Monitor these on an ongoing basis to ensure completeness
- Training Administration: Compile training materials in relation to Information Security, administer the rollout and track to completion
- ISMS Support: Assist in the development and maintenance of the Information Security Management System (ISMS)
- Metric Collection: Collect and collate metrics related to the performance of Information Security controls
- Report Input: Provide input to board reports, committee reports, forums, policies and procedures, as well as other ad-hoc materials
- Request Response: Respond to client/regulator information requests
- Repository Maintenance: Ensuring that the repository of source material is kept up to date and accurate
41. Information Security Analyst Duties
- Compliance Support: Support IT compliance programs to ensure alignment with UPS's organizational, regulatory, and risk obligations
- Policy Monitoring: Monitor IT compliance with the organization’s policies and procedures
- Regulatory Compliance: Monitor IT compliance with existing Federal, State and Local regulatory requirements
- Metrics Maintenance: Maintain information security and compliance metrics that are meaningful and actionable
- Dashboard Accuracy: Ensure that reports, trackers, and visibility dashboards reflect the true state of compliance for various audiences
- Audit Operations: Perform daily audit-related operational activities
- Remediation Tracking: Work with business partners to track/manage remediation of control deficiencies identified during audits and compliance assessments
- Control Evaluation: Examine internal controls to determine design and operational effectiveness
- Requirement Analysis: Analysis and interpretation of regulatory compliance requirements
- Process Improvement: Identify opportunities and make recommendations to improve the efficiency and effectiveness of IT internal controls and operating processes
- Review Execution: Perform compliance reviews of various applications and infrastructure