Exatech Inc is a staffing and recruiting company.
The Cyber Security Analyst is responsible for the daily activities associated with information security throughout the enterprise including, but not limited to, investigating and reporting for incident response, vulnerability scanning, remediation efforts and patch management. Development of security information and event management including watch list, alerting and problem resolution. The individual will assist the Information Technology department in developing a state of the art cyber security incident response program. This includes advanced persistent threat, persistent threat, policies and program resilience pertaining to cyber security.
• Maintain user security by developing access controls, monitoring and evaluation of security standards.
• Maintain security patches on all server devices and workstations.
• Responsible for McAfee products such as ePo, HIPS, Firewall, Disk Encryption, Virus Scan and mobile device security.
• Develop and maintain website white lists, and application white lists.
• Conduct external penetration test that mimic the real world techniques of cybercriminals.
• Conduct internal network penetration test to look for confirmation weaknesses, unsecure network files shares, and data leakage.
• Monitor the enterprise computing environment (servers, firewalls, intrusion detection/prevention systems, anti-virus and malware) logs, and network traffic for activities including but not limited to: policy violations, abnormal behaviors, intrusions, best practice recommendations, etc.
• Schedule regular cybersecurity reports (i.e., event logs, firewalls, cyber incidents).
• Implement and audit domain administration restrictions, and Group Policy application on user and computer objects.
• Review and monitor administrator account management (normal and privileged).
• Research and deploy DLP standards pertaining to products.
• Responsible for Annual Business Continuity testing including RPO/RTO metrics for all assets managed at corporate and co-location.
• Assist with reviewing and remediating items found during vulnerability scanning both internal and external.
• Participate in information security audits and oversee penetration testing of all networks and systems to identify system and application vulnerabilities.
• Identify new vulnerabilities and threats.
• Create and maintain a cyber security risk assessment.
• Execute information security project and initiatives.
• Draft and review information security policies, standards and procedures.