Cybersecurity Program Analyst - Sedara LLC
Buffalo, NY 14203
About the Job
Our primary mission at Sedara is to provide customers with security services in a way that provides value to them, towards better protecting their environment, data and employees. We are here to help provide a better understanding of security best practices, identify risks and mitigating activities and offer general guidance.
This Cybersecurity Program Analyst role will be primarily responsible for assisting with the management of customer security systems, including GRC, Security Assessments, security testing, SIEM, Endpoint Security, IDS and others. The responsibilities will include analyzing information, security tools, and customer data across many customer environments in accordance with Governance, Risk and Compliance. You will be expected to provide prescriptive guidance, program and project management on discovered security issues, current data collection practices, GRC, incident response activities and corrective actions.
- Project analyst for cybersecurity programs.
- Cybersecurity technical team member
- Engagement on cybersecurity, program management, enterprise systems or related technology advisory engagements.
- Matures cybersecurity policies and procedures.
- Project manages Governance, Risk and Compliance deliverables.
- Security Assessments
- Security Audits
- Vulnerability Management
- Vendor management to manage internal or 3rd party vendors.
- Possesses engagement experience in program scope and approach.
- Focuses on program delivery, technical integration, and solution delivery.
- Provides oversight of key information technology enablers, and management of project resources.
- Maintains accountability for managing daily operations of projects.
- Updates partners and directors of all major developments.
- Communicates with client and project managers.
- Assumes responsibility for program on-time delivery and oversight of key technical enablers on projects and identifies needs for new tools.
- Employ common project management and scheduling software to manage and coordinate multiple ongoing, sometimes geographically dispersed assessment projects.
- Experience in cybersecurity, IT system management, or cyber threat analysis of IT Security frameworks risk management methodologies, NIST, vulnerability assessment scanning tools, and network engineering.
- Review and develop Plans of Actions and Milestones (POAMs) as well as necessary artifacts.
- Facilitate the Plan of Actions and Milestones (POA&M) program to ensure customer systems have accurately and fully provided information for POA&M activities to include valid remediation of findings.
- Other duties as assigned.
About You
- Bachelor of Science degree in a science, technology, engineering or math discipline. Information Security disciplines a plus. Candidates with equivalent years of experience will also be considered.
- 0-3+ years' experience in IT and/or Security field
- Experience with log management/SIEM analysis and reporting tools preferred.
- Experience with EDR tools and investigative procedures a plus.
- Certifications in security and/or network specific preferred
- Experience with firewalls, vulnerability management, and intrusion detection systems preferred.
- Display an understanding of new trends and technologies related to IT Security and Compliance.
- Knowledge in key areas such as: Firewalls, IDS, IPS, VPN, Remote Access, Security Logging, Vulnerability Management, Security Incident Response, Penetration testing.
- Knowledge of DNS usage in corporate environments, from the endpoint up through global usage
- Additional security expertise in endpoint security, including: Anti-Virus protection, desktop encryption, device management, patching, etc.
- Solid understanding and discipline in following processes and procedures.
- Ability to troubleshoot and identify issues in technologies or process deficiencies.
- Demonstrated project management skills.
- Working knowledge and experience with networking concepts, protocols, and services.
Resources that will be provided to you:
- Direct training and mentoring by management and technical teams.
- Defined assistance and escalation paths
- Vendor/Product Support: Sedara maintains support on all systems and has access to additional technical resources as needed to answer questions and provide guidance to our team.
- Lab Environment for Testing – Sedara can provide limited lab environments for testing, training and documentation across a number of our platforms. We are typically able to provide licenses for any product that we use, to do internal testing as needed. We have flexible virtualization and air-gapped environments available as well.
Expected Salary Range: $55,000 - $67,500, based on experience.