Listing Description

Summary: 
 
The Cybersecurity Analyst supports SPLC business objectives by mitigating risk to IT systems and data. The Cybersecurity Analyst will implement tenets of cybersecurity frameworks to provide a high level of data confidentiality, integrity, and availability as well as compliance with applicable legal and regulatory requirements. The Cybersecurity Analyst assists employees with safely accessing data, email, and internet resources in accordance with security policies and controls. The Cybersecurity Analyst collaborates with IT team members and vendors to implement security policies and controls across enterprise infrastructure and services. The Cybersecurity Analyst synthesizes various sensor data, threat alerts, and audit reports to detect and respond to vulnerabilities, unauthorized system access or data loss.

Primary Job Functions: 

• Coordinate with employees and vendors to resolve service desk tickets;


• Assess and block phishing emails as well as validate and unblock legitimate emails;


• Analyze files, links, or software for malware or data loss;


• Develop and deliver cybersecurity awareness training material to the workforce;


• Conduct cybersecurity awareness assessments, identify trends, and propose improvement areas;


• Synthesize various inventory reports to identify hardware, software & firmware assets;


• Configure and perform vulnerability management scans, evaluate trends, and propose prioritized remediations;


• Measure vulnerability remediation effectiveness for security patch updates and conduct root cause analysis for non-compliant systems and applications;


• Apply device and application hardening guides then verify system functionality;


• Implement and monitor Data Loss Prevention (DLP) controls to protect sensitive data such as Personally Identifiable Information (PII), financial data, healthcare data, business proprietary data, etc.;


• Conduct security audits and document findings to validate effectiveness of existing security controls or identify any potential gaps;


• Monitor threat intelligence sources and assess applicability to SPLC systems or data;


• Perform continuous monitoring of network traffic, intrusion attempts, activity logs, and system alerts for trends, anomalies or potential security breaches;


• Coordinate with business stakeholders and IT partners to correlate suspicious activity or system alerts with legitimate business activity or potential security incident;


• Perform Incident Response functions to identify, contain, and eradicate malware or malicious actors; and 


• Other duties as assigned. 

Qualifications - 

Education and Related Work Experience: 

Required: 

• At least four years of experience in IT or at least one year of experience in IT combined with a Bachelor of Science Degree in Computer Science or related field;


• Understanding of TCP/IP Networking, Operating Systems, and Web Applications;


• Understanding of cybersecurity frameworks, policy, procedures & controls; and


• Must have the ability to obtain a baseline cybersecurity certification or higher within 12 months (eg, Security+, Certified Ethical Hacker, GIAC Certified Incident Handler, etc). 

Knowledge, Skills and Abilities: 

• Team player with strong interpersonal skills;


• Excellent written and oral communication skills;


• Ability to present and explain complex technical topics in layman’s terms;


• Goal oriented self-starter that takes the initiative;


• Strong organizational, planning, and time management skills;


• Creative problem solver with analytic methodology;


• Knowledge and experience with TCP/IP network fundamentals;


• Knowledge and experience with server, desktop, and mobile operating systems;


• Knowledge and experience with virtual and cloud infrastructure;


• Knowledge and experience performing packet analysis and parsing log data;


• Knowledge and experience with implementing cybersecurity risk management frameworks and auditing security controls;


• Knowledge and experience with cybersecurity threats, exploits, and vulnerabilities to include Common Vulnerabilities and Exposures (CVE) and Common Vulnerability Scoring System (CVSS);


• Knowledge and experience with security tools such as Antivirus (AV), Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), Intrusion Detection/Prevention  System(IDS/IPS), Firewalls (FW), Vulnerability Management (VM) scanning engines, Access Control Lists (ACL), System Logs (SYSLOGS), etc.;


• Commitment to ideals of justice, diversity, equity, and inclusion; and


• Commitment to fostering an anti-racist work culture and to anti-racist principles and learning.

Compensation:

This is an exempt role, and the minimum starting salary is $76,220 annually.  Salary will be commensurate with experience. 

Work Designation: 

This role has the following work designation options: 

• Telework: Will work at an SPLC office at least three days per week and may work two days per week from an alternative work location. 


• Local Remote: Will work remotely but is expected to attend work-related activities in the states in which the SPLC has an office or elsewhere.  

Other Special Considerations:

This job is performed under general office conditions and is not subject to any strenuous physical demands or dangerous conditions.

This position is represented by the Washington-Baltimore Guild.
  
Disclaimer:

The statements herein are intended to describe the general nature and level of work being performed by the employee in this position.  These statements are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of a person in this position.

An Equal-Opportunity Employer with a Commitment to Diversity 
Southern Poverty Law Center (SPLC) is proud to be an equal opportunity employer, and as an organization committed to diversity and the perspective of all voices, we consider applicants equally of race, gender, gender identity, color, sexual orientation, religion, marital status, disability, political affiliation, national origin, or prior record of arrest or conviction.