Information Security Analyst 3 (5-yr fixed-term)

Job Description
This is a 5-yr fixed-term position.
The Information Security Analyst 3 is a career level, experienced professional role working on problems of a diverse scope involving IT portfolios, or other internal departments and organizations, to investigate information security incidents. This position also serves as a “shift watch officer,” to ensure that monitoring and escalated tasks are completed by junior analysts. This is an individual contributor role.
The incumbent will plan and execute security tasks in support of areas of coordination between information security, legal, audit, physical security, and other functions. Though the incumbent will, when needed, coordinate with our information security operations and incident response teams, this role is not focused on 24/7 cyber alerting, investigation, and response.
This individual works with divine guidance to provide or support technology that furthers the mission of the Church and reflects the eternal impact of the gospel.
We value early, mid and late-career candidates and encourage all applicants with the posted skills and abilities to apply.
Responsibilities
Conduct complex investigative assignments demonstrating judgement in selecting methods and techniques to obtain creative solutions
Analyze system-generated indicators to identify patterns that would alert potential security incidents or threats
Identify, clarify, investigate and (where appropriate) escalate circumstances of concern to incident managers
Evaluate escalated events of concern identified by junior analysts to determine scope of impact, severity and appropriate next steps
Oversee the work of junior analysts on shift in a 24/7 operations center to minimize intrusions and expedite threat mitigation
Mentor, train and assist Analyst 1s and 2s
Conduct additional discovery and forensic investigations under the direction of incident managers
Carry out assigned investigation analysis of technology audit recommendations
Monitor and report on audit remediation efforts
Provide regular updates to manager on project/account status
Qualifications

• Bachelor’s degree in related field or equivalent professional experience
• Four years of experience in Information Security, IT and/or Computer Science, including expertise in one or more of the following areas: Attacker tactics for both enterprise and web systems, cyber threat intelligence, incident handling, continuous monitoring, intrusion detection, advanced network forensics, host forensics and malware analysis
• Ability to work effectively in a 24/7 environment
• Ability to recognize patterns of known security compromise from log information and identify new exploits when they present themselves
• Ability to mentor and train junior analysts
• Demonstrated experience with Windows and Linux operating systems, command line interfaces, and associated security concerns
• Demonstrated experience using a SIEM or data aggregation tool to analyze data sets and identify trends, anomalies, and actionable intelligence
• Demonstrated experience with Continuous Monitoring operations in an enterprise environment
• Working knowledge of:
• Networking protocols and technologies
• Current information security practices, trends, and technologies
• Information security tools, technologies, threats, and practices
• IT organization patterns
• Familiarity with programming and scripting
• Understand how system storage and memory forensics are used in incident response
• Understand how cyber threat intelligence relates to incident response
• Strong professional written and oral communication skills
• Detail-oriented with the proven ability to follow instructions
• Works well with others, especially those in complementary roles
• This job operates in a professional office environment
• To successfully perform the essential functions of the job there may be physical requirements which need to be met such as sitting for long periods of time and using computer monitors/equipment

Preferred

• Relevant security certification from one or more of the following or equivalent certifying authorities: GIAC, CompTIA, ISC2, EC-Council, etc.

About Us
Church employees find joy and satisfaction in using their unique talents and abilities to further the Lord’s work. From the IT professional who develops an app that sends the gospel message worldwide, to the facilities manager who maintains our buildings— giving Church members places to worship, teach, learn, and receive sacred ordinances—our employees seek innovative ways to share the gospel of Jesus Christ with the world. They are literally working in His kingdom.
Only members of the Church who are worthy of a temple recommend qualify for employment. Apart from this, the Church is an equal opportunity employer and does not discriminate in its employment decisions on any basis that would violate U.S. or local law.
Qualified applicants will be considered for employment without regard to race, national origin, color, gender, pregnancy, marital status, age, disability, genetic information, veteran status, or other legally protected categories that apply to the Church. The Church will make reasonable accommodations for qualified individuals with known disabilities.