Security Analyst III in Atlanta, GA at Cox Media Group

Date Posted: 6/14/2020

Job Snapshot

Job Description

This position offers an exciting opportunity for an experienced professional to help build and manage a program in the dynamic media industry. The ideal candidate for this position will not only have strong technical knowledge in the fields of technology and information security, but also will be able to think broadly about business challenges and articulate security concerns and challenges to the management team. The candidate will build strong partnerships with multiple stakeholder groups including technology, product, sales and marketing, engineering and field operations to ensure effective use of security capabilities. Key success factors include the ability to partner, influence and lead both direct, cross-functional and third-party teams in implementing and managing the security program.

The Sr Security Analyst is responsible for the design and integration of processes and platforms used to protect information and mitigate cyber threats.  We are looking for a highly qualified Cyber Security professional who is organized, exemplifies leadership qualities, and is eager to learn. The Analyst will partner with the Director of security and other departments to implement and enhance company policies, procedures, technologies and third-party services related to security and compliance.

Key responsibilities:

  • Manage security tools deployment, implementation, adoption and maturity including applicable hardware, software, firewalls, intrusion detection systems, security event management systems, anti-virus and malware solutions, cryptography systems, access control systems, or any other solutions required for enterprise cyber and systems protection and monitoring.
  • Works with IT and internal and external business partners to ensure that security is factored in the evaluation, selection, installation and configuration process of hardware and software.
  • Analyzes and makes recommendations to improve network, system, and application architectures.
  • Examines network, server, and application logs to determine trends and identify security incidents.
  • Assists in the review and update of information security policies, architectures, and standards.
  • Assists in responding to audits, penetration tests and vulnerability assessments.
  • Develop dashboards to communicate results of compliance and awareness activities.  Manage policy exceptions and track them for later review or remediation.
  • Perform analysis of security incidents and events and drive the maturity of process and configuration.
  • Maintain working knowledge of advanced threat detection as the industry evolves.

Candidate Evaluation Criteria

  • Technical expertise in network security knowledge, to include VPN, Firewall, network monitoring, intrusion detection, web server security, and wireless security.
  • Strong knowledge of common vulnerabilities and exploitation techniques.
  • Practical experience with database security, content filtering, vulnerability scanning, and anti-malware, email security.
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
  • An ability to effectively influence others to modify their opinions, plans, or behaviors.

 

 

Job Requirements

Qualifications:

  • BS in technology related field or equivalent work experience.
  • 7+ year minimum of progressive experience in information technology, cyber security, application support, or applications development. 
  • 5+ years dedicated security engineering across a variety of business platform, IT platforms, or security platforms.
  • 3+ years direct experience with leading frameworks and industry compliance mandates including but not limited to PCI, NIST, Cloud Security, or ISO.
  • Hands on experience with at least 2 or more security technologies (e.g. Vulnerability Management, Penetration Testing, Email Security, EDR, MFA, SIEM, IPS, Firewalls, etc.).
  • Possess one or more current industry certifications relevant to the job e.g. CISSP, CISM, C-RISC, C|CISO, CISA, SANS certifications, or equivalent experience. 

Preferred Qualifications: 

  • Experience with managing a Managed Security Service Provider (MSSP) to ensure appropriate monitoring of CMG infrastructure.
  • Must possess a proven track record as an influential member of a security program.
  • Ability to work independently and prioritize multiple projects in a highly dynamic environment.
  • Excellent communication and teamwork skills demonstrated across broad group of technical and non-technical stakeholders