Search for more jobs
Prin Security Analyst
FULL_TIME
Job Title
Prin Security Analyst
Organization
Compeer Financial
56001
Minnesota
US
Location City
Mankato
Experience Level
Mid Level
Salary Range
DOE
Posted Date
October 20, 2022
Closing Date
December 30, 2022
Apply

Position Overview: This position creates, implements and maintains corporate-wide security programs that assist in improving overall security posture of the organization. Provides guidance, assurance and information protection to maintain the confidentiality, integrity, and availability of Compeer critical resources. Contributes knowledge and expertise to ensure that information assets are protected and secure. The incumbent guides solutions to promote secure business-to-business initiatives, third-party relationships, outsourced solutions and vendors. Provides mentorship and guidance to less experienced team members.

Essential Functions:

  • Remains current with new security threats and assess systems and solutions to ensure they can defend the business.
  • Researches capabilities of current and new disruptive solutions on the market and makes recommendations to security group on a consistent basis.
  • Researches, validates and utilizes solutions meeting security and business needs.
  • Develops security team standards, policies, procedures and processes.
  • Drives security efficiencies, enabling security team members to work on more advanced tasks.
  • Utilizes technical systems and monitors them for unusual and suspicious activity across a wide range of products, data centers, and cloud systems.
  • Participates in technical and non-technical projects requiring information security oversight and to ensure policies and procedures are met.
  • Recommends security solutions and effective improvements to existing security controls.
  • Ensures that cybersecurity-enabled products or other compensating security control technologies or processes reduce identified risk to an acceptable level.
  • Performs security reviews, identifies gaps in security architecture, and develops a security risk management plan.
  • Implements security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed.
  • Performs analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
  • Mitigates and corrects security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative.
  • Analyzes cyber defense policies and configurations and evaluates compliance with regulations and organizational directives.
  • Coordinates and provides expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents, perform investigations and forensics work.
  • Evaluates the effectiveness of procurement function in addressing information security requirements and supply chain risks through procurement activities and recommend improvements.

Minimum Qualifications & Required Knowledge, Skills and Abilities:

  • Bachelor’s degree in security management, cybersecurity, computer science, management information systems, or business with technical training in networking, technical support or security or an equivalent combination of education and experience sufficient to perform the essential functions of the job.
  • 10 or more years of experience in physical asset security, information technology, risk management, security services, or infrastructure technology.
  • CISSP certification preferred.
  • A proven deep background in the areas of cybersecurity, technology and risk management.
  • Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
  • Ability to adapt and stay a step ahead of cyber attackers and stay up to date on the latest attack methods.
  • Is highly trustworthy and leads by example.
  • Strong listening, written and verbal communication skills, with ability to communicate and influence peers.
  • Skilled in developing and maintaining interpersonal relationships.
  • Ability to work independently and collaboratively with other teams to achieve goals and represent the business.
  • Ability to communicate business risk as it relates to cybersecurity issues.
  • Expert experience driving measurable improvement in monitoring and response capabilities at scale.
  • Strong decision making and organizational skills.
  • Expert ability to identify and resolve problems, utilizing strong analytical skills.
  • Works calmly under pressure and with tight deadlines.
  • Stays current with evolving threat landscape.
  • Advanced experience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private and hybrid environments.
  • Expert knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to endpoint detection and response (EDR), threat intelligence platforms, data loss prevention (DLP), security automation and orchestration, deception technologies, application controls, and other network and system monitoring tools.
  • Experience with purple teaming (red and blue) to train, identify and remediate issues cohesively.
  • Advanced knowledge of multiple computing platforms including cloud systems.
  • Advanced experience with Amazon Web Services (AWS) or Microsoft Azure.
  • Expertise in incident response and system monitoring and analysis.
  • Expert experience conducting risk analysis to protect the business and adhere with compliance requirements and privacy laws.
  • Expert experience with vulnerability and penetration testing engagements.
  • Experience with change and project management.
  • Advanced knowledge of computer networking concepts and protocols, and network security methodologies.
  • Advanced knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • Expert knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • Expert knowledge of cyber threats and vulnerabilities.
  • Expert knowledge of threat intelligence and vulnerability information dissemination sources (e.g., alerts, advisories).
  • Expert knowledge of information technology security principles and methods.
  • Advanced knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • Advanced knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
  • Expert knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
  • Expert knowledge of business continuity and disaster recovery continuity of operations plans.
  • Expert knowledge of system life cycle management principles, including software security and usability.
  • Knowledge of how information needs and collection requirements are translated, tracked, and prioritized across the extended enterprise.
  • Knowledge of multiple cognitive domains and tools and methods applicable for learning in each domain.
  • Knowledge of media production, communication, and dissemination techniques and methods, including alternative ways to inform via written, oral, and visual media.
  • Knowledge of training and education principles and methods for curriculum design, teaching and instruction for individuals and groups, and the measurement of training and education effects.

 

 

Who is Compeer Financial?
Compeer Financial exists to champion the hopes and dreams of rural America. By joining our team, you will help empower those in agriculture and rural communities to achieve their goals and expand their possibilities.  We embrace business agility and innovative approaches to serving our clients and communities.

Why join our team?

 

  • Amazing team members who are passionate about serving agriculture and rural America.
  • Investment in our team members’ education, growth and development.
  • Engagement in our communities through giving back and volunteerism.
  • Flexible, collaborative and dynamic work environment.
  • Great benefits:
    • Medical, Dental, Vision insurance
    • 401K (3% Compeer contribution & up to an additional 6% match)
    • Paid time off (vacation, sick leave, holidays, volunteer time)

 

Find out why our team members choose Compeer Financial by watching this video.

How do I apply?
Qualified candidates, please apply online at www.compeer.com/careers.

Compeer Financial is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.