Listing Description
The Cybersecurity Infrastructure Analyst provides consultative services; works with suppliers for product considerations and recommendations; performs monitoring and auditing of information system activities; creates and maintains documentation related to policies, standards, and procedures; mentors other team members. The analyst will understand systems management knowledge with security emphasis in following areas: IPL process, job management, job queues, job scheduler, job descriptions, output queues, job scheduler, job descriptions, output queues, system values, job logs. The analyst has knowledge of IBM security best practices, IBM i (iSeries) OS, IT audit, policies, vulnerability risk remediation, and regulatory requirements.
ROLE
· Works analytically to solve both tactical and strategic problems.
· Works with IBM Lab Services, Costco Compliance, Internal Audit, and Business teams to identify and analyze risks.
· Works with stakeholders to provide security solutions that support their business requirements.
· Identifies, develops, and implements mechanisms to detect security incidents in order to enhance compliance with and in support of security standards and procedures in place.
· Works with the Incident Response team to remediate discovered security incidents by informing appropriate custodians, determining root cause, and actions (if necessary) required to re-establish respective information system security.
· Understands compliance requirements that may impact security and works with business areas and project teams to develop security solutions that address these requirements.
· Coordinates activities or engagements with Loss Prevention, Legal, and law enforcement as required.
· Participates in team activities and team planning in regards to improving team skills, awareness, and quality of work.
· Keeps up to date in the areas of: technology, business knowledge, and Costco policies and platforms.
· Maintains current knowledge of industry trends and standards.
· Travels internationally as required.
REQUIRED
· Security, and Systems Administration knowledge and experience.
· Working knowledge of information systems security standards/practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling).
· High level of communication skills, verbal and written, with the ability to clearly communicate Cybersecurity Infrastructure matters to executives, auditors, end users, and engineers, using appropriate language, examples, and tone.
· Demonstrate a logical and structured approach to time management and task prioritization.
· Knowledge of IBM security best practices, IBM i (iSeries) OS, IT audit, policies, vulnerability risk remediation, and regulatory requirements.
· Systems management knowledge with security emphasis in following areas: IPL process, job management, job queues, job scheduler, job descriptions, output queues, job scheduler, job descriptions, output queues, system values, job logs.
· Knowledgeable with multi factor authentication and authentication processes and protocols. TACACS+, Radius, LDAP, AD, authentication services, as well as PKI and token/certificate based authentication.
· Working knowledge of IBM i Privileged Elevation and Antivirus tools.
· Strong analytical skills.
· Project Management skills.
· Ability to handle highly confidential information in a strictly professional manner.
· Scheduling flexibility to meet the needs of the business including nights, weekends, and holidays.
Recommended
· One or more IBM i (iSeries) System Administrator certifications.
· One or more professional audit or security certifications such as: CompTia Security+, CISA, GSEC, or CISSP (or equivalent experience).
· Experience with one or more scripting languages.
· General knowledge of enterprise-level applications including ERP.
· General networking knowledge.
· Experience with tools such as: NMAp, NetCat and Enum, DNS, NTP and Citrix, TACACS, IDS, IPS and various SIEMS.
· Working knowledge of protocols and technologies such as TCP, UDP, SSL, FTP, SMTP, NetBIOS, DHCP, HTML, CSS, JavaScript and WML.
· Experience with performing vulnerability scans and assessments, as well as computer forensics.
Listing Details
- Salary: $135000 - $185000
- Citizenship: Us Citizen
- Incentives: Not Provided
- Education: Bachelors Degree
- Travel: Not Provided
- Telework: Partial Telecommute