Based out of our Home Office in Greenwood Village, CO, the Security Operations Analyst is part of the IT Security team. The primary role of this position is to handle day-to-day tasks, monitoring, and tuning of the IT Security program. This position involves timely alert response, tool optimization, security awareness tasks, and performing a security role in projects and business initiatives.
• Provides guidance, recommendations, requirements, research, best practices, and support on security topics for other team members.
• Acts as a point of escalation for technology security matters and mentors the organization on security-related knowledge and topics.
• Communicates clearly the purpose, use and objectives of security initiatives and programs to both technical and end user audiences.
• Monitors system controls to ensure compliance with SOX and PCI regulations, as well as NIST best practices. Participates in project planning to inform on impacts to regulatory compliance.
• Takes ownership of security tool set (install, operate, maintain and optimize) for efficient and timely alerting of security issues. Tracks vulnerabilities and issues in the environment and works with IT teams to remediate. The security tool set may include vulnerability scanning, malware detection, log analysis, system remediation, etc.
• Aid the Director of Security in vendor assessments, relationship management and product Proof of Concepts. Assess vendor solutions against environment needs and assist in choosing the best solution.
• Monitors and responds to alerts generated by the security tool set. Escalate to response teams for system remediation or hardening. Participate in incident response protocol and post incident analysis.
• Provide recommendations and support for corporate and field physical security. This may include changes to standards, policies, and procedures and coordinating with facilities security.
• Collaborate and partner across the IT department to recommend configuration and maintenance of network, systems, and information security equipment.
• Participates in the change control process. Represents security in change control meetings.
• Enhances security awareness by providing orientation, educational programs, and on-going communication.
• Provides technical documentation and organizational communication for security related initiatives, programs, and incidents.
• Performs other duties as assigned
• 5+ years in IT Security, Security SOC operations, or other relevant job experience required
• Bachelor’s degree from a four-year college or university, or equivalent required
• 5+ years experience supporting computer or network based IT Operations functions
• SANS, SSCP, CISSP or CISM preferred
• CISA certification preferred
Knowledge, Skills and Abilities:
• Familiarity and knowledge of security administration best practices.
• Thorough knowledge of data security including encryption, intrusion detection, firewalls, virus protection, etc.
• Understand the issues involved with managing, administering and maintaining institutional technology infrastructure, including network connectivity, Internet access, wireless access, email, etc.
• Ability to review and evaluate networks and collaborate on recommendations for changes.
• Must have superior communication skills, both orally and in writing, using the English language.
• Must have excellent customer skills.
• Ability to gather information from other IT staff and non-IT staff regarding potentially related problems with network systems.
• Knowledge of monitoring and maintaining routers, switches, firewalls, and other networking devices.
• Ability to research and recommend purchases of tools to maintain and improve information security systems.
• Must demonstrate ability to provide written organizational communication and technical documentation.
• Ability to use office equipment, computers, and network diagnostic tools.
• Ability to competently advise and/or serve staff from a variety of backgrounds, respecting cultural and socio-economic differences.
• Ability to work cooperatively with and contribute to a diverse workplace through ideas or experience.
• SME in Information Security Policies, Security Awareness, System Administration, Network Security, Knowledge of Firewall Functions, Problem Solving, Process Improvement, Project Management, On-Call, Knowledge of Network Protocols, Routers, Hubs, and Switches
Red Robin is an Equal Opportunity & E-Verify Employer