Cyber Security Analyst (Remote)

WHO WE ARE

Susan G. Komen brings a 100% virtual working environment, and you can work anywhere within the U.S. We are a force united by a promise to end breast cancer forever. For over 40 years, we've led the way by funding groundbreaking research, community health initiatives and advocacy programs in local communities across the U.S.  Susan G. Komen is the ONLY organization that addresses breast cancer on multiple fronts such as research, community health, outreach and public policy initiatives to have the biggest impact against this disease.

Komen strives to have a culture of passionate, growth-minded professionals who thrive in a team environment, and work collaboratively to inspire greatness in others!  We take an ongoing approach to ensure open communication from all levels throughout the organization.  It’s encouraged to give and receive feedback to ensure two-way accountability with a focus on continual improvement both personally and professionally!

What you will be doing in the role of a Cyber Security Analyst

The Cyber Security Analyst is a member of the IT Department.  The Cyber Security Analyst protects systems, hardware, applications, services, and networks from threat actors globally. The analyst's primary role is to understand the organization’s IT infrastructure in detail, monitor and identify malicious activity, identify vulnerabilities, maintain compliance obligations, and evaluate threats. 

What you will bring to the table 

• General Operational tasks supporting Information Security Operations.
• Assist in the development and monitoring of policies, procedures, playbooks, and best practices.
• Maintaining compliance obligations associated with HIPAA, Payment Card Industry, and the Center for Internet Security. 
• Identify potential vulnerabilities and advise on solutions to mitigate the associated risks.
• Development of KPIs and metrics related to application security risk.
• Collaborate with IT professionals to harden systems and applications.
• Participate in Disaster Recovery, Business Continuity, and Incident Response planning and operations.
• Remain current with emerging security threats, trends, and countermeasures.
• Administer Jira projects and automation tasks.
• All other duties as assigned. 
• Monitor and analyze security events and alerts.
• Configure and tune detection and alert criteria of SIEM platforms and other tools.
• Investigate and triage potential threats identified through security alerts, anomalies, or reports.
• Conduct research to identify potential attack vectors and vulnerabilities.
• Evaluate proposed and existing processes, services, and technologies for risk.
• Utilize vulnerability management tools to identify vulnerabilities across endpoints, services, infrastructure, servers, and applications. 
• Coordinate vendor management assessments.
• Monitor and analyze events and alerts of systems, services, and infrastructure. 
• Perform vulnerability scanning and prioritize and assign remediation tasks. 
• Implement and administer endpoint detection and response solutions.  
• Evaluate proposed technologies to identify associated risks and controls. 
• Participate in awareness initiatives through user training, workshops, and phishing campaigns. 
• Create and maintain procedures, automation, and user guides. 
• Coordinate email flow, filtering, detection, and advise on email security configurations.
• Conduct vulnerability scans and assist in remediation efforts using integrated tools within the M365 ecosystem.
• Partner with the IT team to remediate identified vulnerabilities effectively.
• Assist in leveraging security automation tools to streamline processes such as alert triage, resolution, and log analysis.
• Help identify and implement opportunities for automation.
• All other duties as assigned. 

We know you will have and be able to

• Bachelor’s degree in Information Systems, Computer Science, or related field. Education may be substituted for select experience.  
• A minimum of 5-7 years of experience is required to effectively perform the job’s responsibilities.   
• Knowledge of cybersecurity principles, incident detection, analysis, and response methods. 
• Skills working with Microsoft Windows, Active Directory, Defender, Intune, Purview, Sentinel, and Microsoft Office applications.
• Extensive knowledge and experience with Microsoft 365 administration, including Exchange Online, SharePoint Online, OneDrive for Business, Teams, and related services.
• Experience with configuring and utilizing SIEM platforms.  
• Basic scripting or development experience. 
• Ability to use communication skills, both verbal and written, to present complex technical information to non-technical stakeholders. 
• Comprehension of Incident Response, Disaster Recovery, and Business Continuity concepts. 
• Ability to utilize and analyze the results of security and assessment tools.
• This position requires willingness and ability to travel locally and / or out of town up to 25%.

We would love if you also have 

• Technical certifications (e.g., GCIH, Microsoft, etc.) are preferred but not required.
• 5 to 7 years of experience in Information Security or direct support field. 
• 5 to 7 years of experience administering Windows operating systems and environments. 
• 5 to 7 years of technical experience using Microsoft Azure and Office 365 or Exchange.  
• 2 to 5 years of experience with Information Security frameworks and compliance programs. 
• 2 to 3 years of technical experience using Microsoft Sentinel, Intune, and Defender.  
• 2 to 3 years of experience writing procedures, procedures, and guides. 
• High-energy individual, with a passion to learn and contribute. 
• Flexibility working independently or partnering with a variety of teams. 
• Ability to work well across the organization with employees of all levels and in all departments. 
• Strong Word, Excel, PowerPoint, Outlook, and SharePoint skills. 
• Excellent problem-solving and critical thinking skills. 
• Organization and time management skills. 
• Professional customer service and interpersonal skills. 
• Strong organizational and project management skills. 
• Experience in an IT support or helpdesk role is advantageous.

So, what's in it for you?

Komen believes in the importance of taking care of our employees so that in turn they can be committed to supporting our critical mission to support those impacted by breast cancer and to help find cures.  This is what Komen provides away from the computer: 

• Competitive salary of $64,000 - $90,000/annually, exact compensation ranges are based on a range of factors including but not limited to the labor market, job level, internal equity, and budget. Offers given will take into consideration the candidate's skills, education, experience, geographic location, and other necessary credentials. 
• Health, dental, vision and a retirement plan with a 6% employer match
• Generous Paid Time Off Plan
• Flexible work arrangement in a fully remote working environment
• Bi-weekly work from home stipend
• Parental leave
• Tuition Reimbursement
• A culture of learning and development
• And so much more! 

Komen provides a remote and/or home-based working environment for all active employees. Komen defines remote as the ability to work from any physical location within the U.S. where an employee can perform specified work duties without disruption or distraction. Komen defines home-based roles as positions that are required to reside in a specific market. Work schedules for both remote and home based are determined by the organizational needs of each department. 

Susan G. Komen is fair and equal in all its employment practices for people without regard to age, race, color, religion, gender, national origin, disability, veteran status, or sexual orientation. Additionally, we embrace Diverse Teams & Perspective, and we find strength in the diversity of cultural backgrounds, ideas, and experiences.

SORRY NO AGENCIES

#LI-REMOTE