Information Security Analyst

Title: Information Security Analyst III
Location: Houston, TX (Hybrid in 77002)
Duration: Direct-Hire
Work Requirements: , Holders or Authorized to Work in the US.

Job Summary (includes but is not limited to the following, other duties may be assigned)
The Information Security Analyst III is primarily responsible for executing the cybersecurity incident response lifecycle in conjunction with the team, administering systems and processes owned by the cybersecurity team, and validating/maturing the efficacy of all systems and processes that have a significant impact on the cybersecurity posture of the company.

The Information Security Analyst III possesses a strong technical background and understands risk mitigation and technical controls in some combination of the following areas: incident response, Information Security Risk Management (ISRM), secure architecture, identity, business continuity, end-point security, SIEM, web security, email security, and vulnerability management.

This position requires strong written and oral communication skills, as well as the ability to communicate detailed, technical information in a manner comprehensible by individuals at varying degrees of experience and skill level.

Job Responsibilities

• Investigate, analyze, and respond to cybersecurity incidents.
• Administer technologies and processes owned by the cybersecurity team including those used for web filtering, end-point protection, incident response, email security, and security awareness.
• Execute processes that have a significant impact on cybersecurity including incident response, Information Security Risk Management (ISRM), secure architecture, identity, business continuity, end-point security, SIEM, web security, email security, and vulnerability management.
• Analyze current computer systems and procedures, and design information systems solutions to help the organization operate more securely, efficiently, and effectively.
• Assess systems and networks to identify deviations from acceptable configurations, enclave policy, or local policy. Measure effectiveness of defense-in-depth architecture against known vulnerabilities.
• Analyze technologies to ensure comprehensive protection exists to prevent unauthorized entry into the company networks and systems.
• Support automation and orchestration to maximize team talent and reduce routine tasks.
• Recommend necessary changes to the information security team to ensure the company's systems are fully compliant with all applicable regulatory requirements and privacy laws.
• Stay abreast of the security industry threat landscape, specifically within the company's industry.
• Recognize personal developmental needs and be proactive in obtaining the coaching, networking, and training needed to ensure continued success in the position.
• Create a working environment that is conducive to two-way communication, teamwork, and learning.
• Utilize open communication to ensure the standards, expectations and goals of the organization are respected and upheld.
• Assume responsibility for other duties as required or assigned.

• Bachelor's degree in computer science, information assurance, Management Information Systems (MIS) or related field, or equivalent.
• Preferably 6+ years of technical hands-on security experience.
• Experience dealing with some combination of information security incidents related to malicious websites, malicious emails, malware, unauthorized access, Denial of Service and password attacks.
• Hands on technical experience with some combination of the following security solutions: MS Windows Defender, MS Exchange Online Protection, MS Azure Security Center, MS Active Directory, Cisco Umbrella, Tanium, Cisco firewalls, Fortinet firewalls, Splunk, MS Azure Sentinel or Rapid 7.
• Knowledge of some combination of security standards and frameworks such as NIST, NERC CIP, TSA Pipeline, PCI, and SOX.
• Experience with cloud security and DevSecOps.
• Demonstrate strong written and oral communication skills.
• Demonstrate solid organizational skills and the ability to multi-task and prioritize workload.
• Demonstrate excellent judgment and the ability to make quick decisions and think outside the box when working with complex situations.
• Demonstrate a high level of flexibility.
• Possesses a high level of integrity, trustworthiness, and confidence, and represent the company and its management team at the highest level of professionalism.
• Demonstrate strong analytical skills and is effective at interpreting and applying applicable regulation.
• Work effectively with a variety of personalities and can adapt approach to effectively reach and mentor the team. Use this skill as well as functional knowledge to both earn and maintain a high level of credibility with the team.
• CEH Certified Ethical Hacker (CEH) preferred
• GIAC Certifications preferred
• CISSP (Certified information systems security professional) preferred
• CISM (Certified Information Security Manager) preferred

• Bachelor's degree in computer science, information assurance, Management Information Systems (MIS) or related field, or equivalent work experience

About INSPYR Solutions:
Technology is our focus and quality is our commitment. As a national expert in delivering flexible technology and talent solutions, we strategically align industry and technical expertise with our clients' business objectives and cultural needs. Our solutions are tailored to each client and include a wide variety of professional services, project, and talent solutions. By always striving for excellence and focusing on the human aspect of our business, we work seamlessly with our talent and clients to match the right solutions to the right opportunities. Learn more about us at inspyrsolutions.com.

INSPYR Solutions provides Equal Employment Opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, INSPYR Solutions complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities.