Information Security Analyst Job Description template and pdf with duties [2024]

Job summary 1

The ideal candidate will report directly to the manager and have strong leadership skills and the ability to lead teams, tasks and projects with limited supervision. The Information Security Analyst will be an integral part of a team responsible for supporting the development and maturation of an information security program. The candidate should have strong data analysis skills, keen attention to detail, and the ability to handle and prioritize multiple tasks and deadlines. The candidate will serve as a subject matter expert with regards to the Risk Management Framework (RMF) and all associated information security policies and procedures and should possess in-depth knowledge of applying, selecting and testing the NIST family of security controls.

Duties & Responsibilities 1

special offer

Download all 10 Information Security Analyst Job Descriptions

Join our webinar: How to improve your recruitment strategy with 100Hires

Requirements & Skills 1

Job summary 2

We are hiring an Information Security Analyst to work in our growing IT Security team. You will review applications for security issues, utilize application scanning tools, implement application security protections, and document any security issues. To do well in this role you should have a bachelor's degree in computer science and experience in the information security field. Candidates must have strong development background, Java, React and Node as well as extensive understanding of validating developed applications security tools are optimized for current and future needs. Experience with X-Ray, HCL Opensource Analyzer and SAST Scanning tools (SonarCube, Veracode etc.) highly preferred.

Duties & Responsibilities 2

Initiate application scanning using common DAST and SAST toolsets (BURP, APPScan, Veracode, or similar).
Interpret and explain application scanning results.
Ability to navigate and modify Active Directory using standard Microsoft tool sets.
Ability to navigate and modify Apache LDAP using industry standard tools.
Work with and understand REST services.
Stay current on IT security trends and news.
- Develop company-wide best practices for IT security.
- Research security enhancements and make recommendations to management.
- Stay up-to-date on information technology trends and security standards.

Requirements & Skills 2

Bachelor's degree in computer science or related field or relevant work experience
1-3 years' experience with application scanning
Experience in information security or related field
Understanding of common current application deployment methods and tools
Scripting or coding experience
Understanding of SOAP Services
- Understanding of common SSO implementations
- Experience with Java Web Tokens and/or OAUTH implementations
- Experience with CA Siteminder, IBM DataPower, or similar toolset

Job summary 3

The Information Security Analyst's primary responsibilities include data loss prevention, incident response, infrastructure security compliance, vulnerability identification and remediation, threat hunting, and application security.

Duties & Responsibilities 3

Work as an integral part of the Information Security Operations team.
Cyber-Incident response
Make recommendations on enhancements to existing and new security hardware, software and tools
Assist in evaluating, planning, configuration, and implementation of new and existing security applications
- Perform risk analysis and vulnerability assessments
- Help with the identification and response to potential breaches of data security
- Give technical guidance on security policy and support security compliance

Requirements & Skills 3

Bachelors degree in Computer Science, Information technology, or related field
5+ years of relevant experience in Information Security
- One or more security certifications such as CISSP, CISA, SANS GIAC required
- Experience with many of the following: Incident Response, Risk Management, Vulnerability Scanning, Ethical Hacking, Network Security, Intrusion Detection, Data Loss Prevention, Application Security, and Policy Compliance Tools
- Application development background is preferred, with knowledge on SDLC

Job summary 4

We are seeking a Information Security Analyst to support Post Production Software Support (PPSS) and Post Deployment Software Support (PDSS). Successful candidates will support our institution in creating capabilities and providing technical services, subject matter expertise, and software solutions and services.

Duties & Responsibilities 4

Personnel in an information assurance management role are responsible for the information assurance (IA) program of an Information System (IS) or major mission application within the Network Environment (NE).
Incumbents in these positions perform a variety of security related tasks, including the development and implementation of system information security standards and procedures.
They ensure that IS are functional and secure within the Network Environment (NE).
Personnel performing senior technical work in this category focus on the enclave environment and support, monitor, test, and troubleshoot hardware and software Information Assurance (IA) problems pertaining to the Computing Environment (CE), Network Environments (NE), and enclave environment.
Tracks and analyze Information Assurance Vulnerability Management (IAVM) reports.
Identifies, downloads, analyzes, tests, and implements Information Assurance Vulnerability Alerts (IAVAs) and Security Technical Implementation Guides (STIGs) for system components and capabilities.
- Supports operation and maintenance of the Development Software Support Environment (DSSE).
- Supports and maintains Certification and Accreditation (C&A) requirements.
- Supports the Risk Management Framework (RMF) process for cybersecurity using applicable tools.

Requirements & Skills 4

Bachelor’s Degree in Computer Science or Engineering or other technical discipline with an Information Security or Cybersecurity concentration.
- Must be Information Assurance (IA) Trained and Certified per the Defense Federal Acquisition Regulation Supplement; IAW DoD 8570.1-M, Change 2.
- IA Technical and Computing Environment (CE) certifications; IA trained and certified per the Defense Federal Acquisition Regulation Supplement (DFARS) 252.239-7001, Information Assurance Contractor Training and Certification; IAW DoD 8570.1-M, Information Assurance Workforce Improvement Program, Change 2 and Army Regulation (AR) 25-2, Information Assurance.
- Minimum of seven (7) years of professional experience, appropriate Information Assurance Technical (IA) Technical and Computing Environment (CE) certifications, and qualified to perform in Information Assurance Technical Level II or Computer Network Defense - Auditor (CND-AU) positions in accordance with standards spelled out in DoD 8570.01-M and the Army Information Assurance (IA) Training and Certification Best Business Practice, corrected 6 Aug 2010.

Job summary 5

The Information Security Analyst provides a high level of technical expertise to train Information Security Operations analysts, provide mentoring to junior analysts, be the subject matter expert on various Information security technologies and manage metrics and reporting. The Information Security Analyst is responsible for coordinating tactical and strategic projects across various shifts within the Information Security Operations Center (ISOC) and the Governance, Risk and Compliance (GRC) teams.

Duties & Responsibilities 5

Requirements & Skills 5

Bachelor’s degree in Computer Science or a related field, or equivalent experience
Six years progressive IT security skills, IT audit experience can be included in experience
Experience with in-depth technical analysis and reporting within the Information Security industry
Thorough knowledge and understanding of the technical Information Security environments and processes
Technical expertise in Intrusion Prevention System (IPS)/Intrusion Detection System (IDS), SIEMs and other Computer Network Defense (CND) security tools
Strong familiarity with ISO 27001 and ISO 27002 standards for Information Security
- Strong familiarity with NIST (National Institute of Standards and Technology) 800 series
- Working knowledge of various regulatory controls (e.g. SOX, PCI-DSS, GLBA, etc.) and GRC processes
- Technical expertise in anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns

Job summary 6

We are looking for an Information Security Analyst to be an integral part of our program. The Information Security Analyst will work with his/her team, along with other internal teams and customers to lead the security efforts across the program. The Information Security Analyst will support the team with focus on information assurance (IA) and DevSecOps. This role will be both a security governance and a hands-on role and requires a solid understanding risk management, business contingency, configuration management and working with complex build/deployment pipelines. Responsible and accountable for information security by reviewing, analyzing and assessing security controls implemented within information systems and business processes.

Duties & Responsibilities 6

Conduct security risk management activities, producing related security risk management information, and advising the DevSecOps teams and key stakeholders on the security-relevant impact of threats and vulnerabilities to the mission/business supported by the system
Responsible for maintaining and updating security documentation and artifacts to reflect current state of the program’s information systems (e.g. system security plan, disaster recovery plan, information security risk assessment, etc.)
Review and analysis vulnerability and policy compliance reports to identify potential security exposure and work with appropriate stakeholder for remediation of them
Analyze information systems to ensure that appropriate security safeguards have been included in the systems design and architecture
- Serve as security engineer backup for the EAOS DevSecOps Teams
- The candidate will be required to develop and provide presentations and demonstrations of technology solutions to both internal and external stakeholders
- Analyze, install and configure security tools in the cloud and CI/CD pipeline

Requirements & Skills 6

Job summary 7

We are looking for an Information Security Analyst to join us in securing the applications and computing environment. This role requires a blend of extensive cyber security experience with highly developed communication skills in order to be a security liaison and engineer for the entity. The Information Security Analyst will be in a highly visible role and directly influence the cyber security posture of company.

Duties & Responsibilities 7

Works directly with security personnel at the acquired entity to assess current security configurations
Conduct security gap analysis to generate documentation on the security monitoring maturity
Assist acquired entity with necessary security configuration changes needed to meet client security policy
- Coordinate access of security tools with security monitoring response teams to ensure client security personnel can view, create, and modify security policies and alerts of security tools
- Ensure systems and applications of the entity can be logged and monitored as per client security standards
- Consider the results of the entity’s previous security audits and assessments, vulnerability scans, and penetration tests, to assist in creating incident response plans and playbooks

Requirements & Skills 7

Strong technical knowledge of security tools across multiple security functions (IDPS, Web Proxy, Security Information Event Managers, File Integrity Monitoring, Antivirus, EDR, etc)
Strong understanding of TCP/IP, Malware Kill Chain, Common Vulnerabilities, Knowledge of Windows and Unix Based Operating Systems, and Networking Principles
Strong interpersonal skills, including good communication with the ability to articulate ideas in a precise and concise manner
- Ability to think creatively, take ownership of tasks, and adapt to changing business requirements
- Demonstrated ability to work effectively in ambiguous and/or high-pressure situations
- Previous Security Operations Center (SOC) experience a plus

Job summary 8

The Information Security Analyst will prepare and initiate assessments/audits facilitated by electronic survey's and questionnaire assessments, interviews and security control reviews. He/she will provide support for internal and external security assessments, including gathering and discussing evidence, and tracking remediation responses and activities.

Duties & Responsibilities 8

Requirements & Skills 8

Experience working with Information Security department on projects, assignments, or risk assessments
Experience gathering information from a range of different sources, developing and creating search queries
Experience with regulatory requirements (i.e. PCI; GDPR; HIPPA; Privacy; NYDFS; etc)
Experience using GRC tools and technologies in support of the assessment/audit process
Experience directly managing / leading people in complex projects or program areas
- Advanced Experience with Auditing Controls, I.T. Auditing fundamentals, Cybersecurity Analysis and documentation
- Demonstrated experience across information security and cyber risk domains required
- Candidate must have excellent organization skills and be a self-motivated learner

Job summary 9

The Information Security Analyst will be responsible for coordinating with Security and preparing or updating security-related documentation. Provides technical solutions to a wide range of difficult problems where analysis of data requires evaluation of identifiable factors. Solutions are imaginative, thorough, practicable and consistent with organization objectives. May be required to design data structures for data interchange. Develops data standards and converts data to controlled vocabularies; develop metadata structures including dictionaries, taxonomies and ontologies. Additionally, the candidate may develop semantic data and metadata representations, as well as information governance policies to manage risk and usage of data.

Duties & Responsibilities 9

Applies the Risk Management Framework (RMF) to Information Systems Security, which is further elaborated in additional Committee on National Security System Instructions (CNSSI) 1253, with the objective of obtaining an ATO.
- Collaborates with programmers and developers in preparation or updating of security-related documentation.
- Develops the Body of Evidence (BOE) to prescribe common controls as defined by the agency on whose network the system resides.
- Reviews and updates System Security Plans and privileged and general user’s guides.

Requirements & Skills 9

Bachelors and five (5) years or more experience
Masters and three (3) years or more experience
PhD and 0 years related experience

Job summary 10

We are looking for an Information Security Analyst to join the Information Security team. The Information Security Analyst will be responsible for working with senior members of the team to investigate security events, maintain security infrastructure, and implement new security solutions across the enterprise.

Duties & Responsibilities 10

Investigate and remediate information security events using enterprise security tools while interfacing with members of our security operations center
Support our vulnerability management program by collecting and analyzing data and working with system owners to coordinate remediation of issues
Support regulatory and compliance efforts by analyzing data and providing reports as required to auditors and compliance teams
Assist with the identification, development, and documentation of endpoint and network security countermeasures
- Work with internal customers to meet security needs of their job functions related to solution selection and deployment or troubleshooting of issues related to security tools and infrastructure
- Stay up to date on information security news and trends while consistently improving skills through regular training
- Perform other administrative and support functions as needed

Requirements & Skills 10

Bachelor’s degree in Computer Science, Information Systems, Cyber Security or related discipline
- 2+ years of computer cyber security background
- Demonstratable knowledge of information security concepts, including networking, operating systems, application security, endpoint security, regulatory compliance, vulnerability management, etc
- Excellent written and verbal communications skills and the ability to interact with people at all levels in the organization

Information Security Analyst Job Description

Job summary 1

Duties & Responsibilities 1

Requirements & Skills 1

Job summary 2

Duties & Responsibilities 2

Requirements & Skills 2

Job summary 3

Duties & Responsibilities 3

Requirements & Skills 3

Job summary 4

Duties & Responsibilities 4

Requirements & Skills 4

Job summary 5

Duties & Responsibilities 5

Requirements & Skills 5

Job summary 6

Duties & Responsibilities 6

Requirements & Skills 6

Job summary 7

Duties & Responsibilities 7

Requirements & Skills 7

Job summary 8

Duties & Responsibilities 8

Requirements & Skills 8

Job summary 9

Duties & Responsibilities 9

Requirements & Skills 9

Job summary 10

Duties & Responsibilities 10

Requirements & Skills 10

Start Using
100hires for Free

Weekly Webinars

Information Security Analyst Job Description

Job summary 1

Duties & Responsibilities 1

Requirements & Skills 1

Job summary 2

Duties & Responsibilities 2

Requirements & Skills 2

Job summary 3

Duties & Responsibilities 3

Requirements & Skills 3

Job summary 4

Duties & Responsibilities 4

Requirements & Skills 4

Job summary 5

Duties & Responsibilities 5

Requirements & Skills 5

Job summary 6

Duties & Responsibilities 6

Requirements & Skills 6

Job summary 7

Duties & Responsibilities 7

Requirements & Skills 7

Job summary 8

Duties & Responsibilities 8

Requirements & Skills 8

Job summary 9

Duties & Responsibilities 9

Requirements & Skills 9

Job summary 10

Duties & Responsibilities 10

Requirements & Skills 10

Start Using 100hires for Free

Weekly Webinars

Start Using
100hires for Free