The Information Security analyst is responsible for the analysis, detection and investigation efforts of Security Information and Event Management (SIEM) activities that impact the enterprise. They must maintain visibility on all security information and events activities and provide insight into attacks or attempts to compromise the organization's assets. This individual will assist in identifying information security issues and providing support during incident response that includes cyber threat analysis support, research, recommending relevant remediation and mitigation.

Daily operations consists of the creation, tuning, optimization and overall maintenance of; use cases, rules, filters, queries, threat feeds and monitoring channels and mapping of the MITRE ATT&CK® Framework. The Information Security Analyst must be able to capture security events of interest and provide reasonable assurance to management on the effectiveness of controls implemented to address the risk and the vulnerabilities that could expose the company to any potential compromise. The position will require daily collaboration with IT and business units on security and project related issues one or more IT functional areas (e.g. data, systems, network, and/or applications) across the enterprise. Assisting with procedure documentation, training, and departmental audit activities as needed

An Information Security analyst must be experienced and knowledgeable in information security issues as well as the SIEM tool being used in the environment and must possess a combination of the following skills, and competencies.

• Solid understand of enterprise log management
• Must be knowledgeable about the different threats and vulnerabilities that confront the organization.
• Be aware of security baselines of information and technology assets within the organization.
• Working of the various versions of operating systems such as Windows, Linux and MacOS.
• Good understanding of additional security technologies and equipment such as firewalls and other network devices (e.g. switches and routers), intrusion prevention system (IPS), intrusion detection system (IDS), public key infrastructure (PKIs), encryption key management, threat analysis.
• Work with business and process owners to create correlation rules, filters and use cases specific and relevant to the business.
• Develop, implement, maintain and operate standard content development practices for SIEM infrastructure.
• Collaborate with security operations center (SOC) analysts to optimize the SIEM infrastructure to better serve the needs of the business and create adequate visibility on information assets/infrastructures of interest.
• Forensics investigation and analytical skills.
• Use of network Analysis tools (e.g. Wireshark, etc.).
• Endpoint Protection Platform (EPP),File integrity monitoring (FIM), Database Activity Monitoring (DAM), Identity and Access Management (IAM), Internet Policy Enforcement, Web Content Filtering, Data Loss Prevention (DLP) solutions.

Position Requirements:

• Strong analytical and problem-solving skills to enable effective security incident and problem resolution
• Microsoft Excel, Word, and Visio skillset i.e. graphs, formatting, basic formulas
• Proven ability to work under stress, with the flexibility to handle multiple high-pressure situations simultaneously
• Ability to work well under minimal supervision
• Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors and IT-business personnel
• Strong written and verbal communication skills
• Strong customer/client focus, with the ability to manage expectations appropriately, provide a superior customer/client experience and build long-term relationships
• Commensurate experience considered in lieu of degree

Preferred:

• Preferred Certifications (CISSP, CISM, GSEC, CISA, etc.)
• Preferred Degrees (Cybersecurity, Computer Science, Information Systems, or other equivalent degree)
• Knowledge of the security methodology frameworks such as NIST, COBIT, CIS
• General understanding of risk management
• Understanding of enterprise risk management systems and automation platforms

**This is an on-site position in OKC that offers a hybrid schedule.

Education

• High School or better

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)