Senior Security Analyst

Job Overview

GENERAL SUMMARY:

Under general direction of the Sr Security Analysis Manager, works closely with the other members of the team to develop and implement a comprehensive information security program. This includes coordinating implementation, optimization, and operation of vulnerability, penetration, and patch scans for network, hardware, and applications.

PRINCIPAL DUTIES AND RESPONSIBILITIES:

• 1. Performs control and vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls and recommends remedial action.
• 2. Executes risk assessment activities, analyzes the results of audits (performed by other groups) to produce recommendations of acceptable risk and risk mitigation strategies.
• 3. Works on deploying, tuning and running vulnerability-scanning and penetration-testing tools.
• 4. Reports residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance, to DFW's management.
• 5. Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle.
• 6. Performs analysis on threat alerts from various security tools, including Intrusion Detection and Prevention tools, firewalls, antivirus systems, user behavior analytics tools, proxy devices ( Palo Alto Networks, Cisco, etc.) which requires demonstrable security incident response and/or insider threat experience to determine if the alert is a false positive, a security event, an actual attack, and/or a security incident.
• 7. Assists with management of incident response by investigating security intrusions.
• 8. Monitors and analyzes Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify security issues for remediation.
• 9. Recognizes potential, successful and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
• 10. Evaluates/deconstructs ransomware, malware (e.g. obfuscated code) through Board approved vendor provided tools.
• 11. Communicates alerts to leadership team regarding intrusions and compromises to their network infrastructure, applications and operating systems.
• 12. Prepares Monthly Metrics on briefings and reports of analysis methodology and results.
• 13. Consolidates and conducts comprehensive analysis of threat data obtained from classified, proprietary to provide indication and warnings of impending attacks against networks.
• 14. Configures and manages security integration components in Microsoft 365 hybrid environments, including connectivity, synchronization services, and authentication.
• 15. Monitors and interprets Azure AD Connect events, Azure AD access reviews and Manage MFA.
• 16. Provides escalation point for Systems Admins team as a support for O365 related incidents on Threat Management.

MINIMUM REQUIREMENTS:

• • Bachelor's degree in business administration, information technology, computer science or a related field.
  • Five (5) years of progressive experience in cyber security or similar IT infrastructure.
  • Any equivalent combination of education and/or experience may be substituted for the above on a year-for-year basis.
  • Possession of a valid class C driver's license.

REQUIRED KNOWLEDGE, SKILLS AND ABILITIES:

• • Knowledge of malware analysis/reverse engineering concepts
  • Understand attacker methodology and penetration testing concepts,
  • Excellent problem solving, critical thinking and analytic skills with the ability to de-construct problems (hunting anomalous pattern detection.
  • Knowledge of the principles and practices of a network systems design and implementation, including hardware, software, communications standards and documentation.
  • Knowledge of the principles and practices of business and public administration.
  • Knowledge of current network communications security technology.
  • Ability to provide project management.
  • Ability to plan and develop time and cost estimates for network projects.
  • Ability to oversee and coordinate the work of technical personnel.
  • Ability to communicate clearly and effectively, both orally and in writing, at all levels within and outside the organization, and to provide technical documentation.
  • Ability to effectively summarize and present findings.
  • Ability to establish and maintain effective working relationships inside and outside the organization.

DESIRABLE:

• • Security Certifications: CISSP, CEH and Security +
  • Firewall Certifications: Palo Alto, Cisco ASA and CCNA
  • Load Balancer Certifications: F5, PKI and SSL

EFFORTS:

• • Works in an office environment.
  • May sit for prolonged periods of time.
  • Uses near-visual acuity in reading written documents.
  • Uses keyboard devices and computer monitors.
  • Uses substantial reasoning abilities in performing analysis and solving problems.
  • Exchanges information by phone, in writing and in person.
  • Drives to locations on Airport property.

About Us

We are Dallas Fort Worth International (DFW) Airport-one of the most successful airports in the world by any definition. We are recognized for our innovation, leadership, drive for excellence and talented employees.

Our success is made possible because of the diverse talents of over 2,100 employees who champion our mission of providing an exceptional airport experience to our customers and connect our community to the world. We are looking for the best talent to join us and help reimagine what an airport can be.

Bring your talents to DFW. Live and work with purpose.