Information Security Analyst
CentralSquare Technologies | Cloud | Sioux Falls, SD
CentralSquare is seeking an Information Security Administrator to join its Cloud Team. This unique and challenging position will be responsible for cloud vulnerability remediation’s, patch management,, certificate replacement ultimately ensuring a secure operating environment for existing CentralSquare technology, applications, employees and office locations.
Cloud Security Responsibilities
- Ensuring all 2K plus servers are free of vulnerabilities
- IPS/IDS management and tuning.
- Proxy F5 WAF Management
- Certificate management and replacement
- Windows WSUS certificate management
- Identify and assist with deployment of security controls required to ensure the confidentiality, integrity, and availability of CentralSquare Cloud assets and infrastructure.
- Assist with Cloud implementation of the Secure Software Development Life Cycle, specifically related to program interfaces, application architecture, data protection, and identity and access management.
- Perform governance duties including but not limited to tenant account review, new Use Case approvals, and change management.
- Perform risk management tasks as they relate to all CentralSquare tenant subscriptions and activity.
- Monitor and audit all CentralSquare-owned cloud environments.
General Information Security Responsibilities
- Work directly on mitigation of critical threats to the organization.
- Work directly to identify and resolve system vulnerabilities.
- Implement security technologies to protect CentralSquare assets.
- Troubleshoot and resolve service desk cases related to information security issues.
- Research potential attempts to compromise the confidentiality, integrity, or availability of assets.
- Proactive event review of SIEM, syslog and other logging systems, as part of threat hunting initiative.
- Perform third party vendor security reviews as needed.
- Collaborate laterally throughout the organization to align security strategy with business needs.
- Perform other cybersecurity, risk and regulatory compliance duties as assigned.
Desired Skills & Education
- Basic understanding of security controls as they relate to IaaS, PaaS, SaaS cloud models.
- Basic understanding of best-in-breed technologies used to maintain a secure cloud
- Experience implementing data-loss prevention technologies.
- Knowledge of security control frameworks such as NIST CSF, ISO 27002,
- Knowledge of common application attacks and mitigation strategies.
- Basic understanding of security standards such as PCI, HIPAA, and CJIS.
- CISSP, CCSP or industry-related certification desirable.
- Bachelors in a related field.
- Self-motivated and well organized. Must be able to prioritize tasks and work well under pressure.
- Strong oral, written, and interpersonal skills are required.
- Experience working with local government agencies a plus
This position will require S-TH work schedule every other week due to current maintenance window.
Qualifications This company provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, This company complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.