Information Security Analyst

**About Astound Commerce**

Astound Commerce is a global digital commerce company that provides end-to-end services—from creating a data-driven strategy and delivering UX services to building an ecommerce solution for a variety of clients such as Cartier, Neutrogena, Puma, Diageo, Adidas and L'Oréal. With 20+ years' experience, 1,400+ ecommerce specialists, more than 3,000 projects completed, and dozens of industry accolades, we excel at maximizing the brand and business value of every digital commerce touchpoint. Astound Commerce currently operates in 14 countries with 20 offices worldwide.

**Job Purpose**

As an Information Security Analyst, you will design and implement IT security systems to protect the organization's computer networks from cyber-attacks. You will develop organization wide best practices for IT security. You will monitor computer networks for security issues, install security software and document all security issues or breaches you find.

**In this role you'll get to**
- Keep up to date with the latest security and technology developments
- Research/evaluate emerging cyber security threats and ways to manage them
- Plan for disaster recovery and create contingency plans in the event of any security breaches
- Monitor for attacks, intrusions and unusual, unauthorized or illegal activity
- Test and evaluate security products
- Design new security systems or upgrade existing ones
- Use advanced analytic tools to determine emerging threat patterns and vulnerabilities
- Engage in 'ethical hacking', for example, simulating security breaches
- Identify potential weaknesses and implement measures, such as firewalls and encryption
- investigate security alerts and provide incident response
- Monitor identity and access management, including monitoring for abuse of permissions by authorized system users
- Liaise with stakeholders in relation to cyber security issues and provide future recommendations
- Generate reports for both technical and non-technical staff and stakeholders
- Maintain an information security risk register and assist with internal and external audits relating to information security
- Assist with the creation, maintenance, and delivery of cyber security awareness training for colleagues

**Your skills and qualifications**
- Bachelor's degree in Computer Science, Information Systems, or equivalent education or work experience
- 5+ years of prior relevant experience
- Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP and/or SIEM-specific training and certification
- Hold DoD-8570 IAT Level 2 baseline certification (Security+ CE or equivalent) at start date
- Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
- Hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations
- Experience with vulnerability scanning solutions
- Familiarity with the DOD Information Assurance Vulnerability Management program.
- Proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security
- In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk)
- Experience developing and deploying signatures (e.g. YARA, Snort, Suricata, HIPS)
- Understanding of mobile technology and OS (i.e. Android, iOS, Windows), VMware technology, and Unix and basic Unix commandsEnglish level: Upper-Intermediate
- Ability to read/write technical documentation in English

**What we offer in return**
- **Off-the-Charts Career Growth**: Сlear career path and a performance review system, career coaching, training and certifications, mentoring and knowledge sharing
- **Well-being Is Top Priority**: Parental leave, paid time off, comprehensive health and medical plans
- **Real Work-Life Balance**: Remote, in-office, or hybrid working modes; flexible hours; work-life balance support on every stage and level
- **Culture of Success**: Culture of collaboration that encourages innovation every step of the way; 20 offices spanning four continents bring diverse perspectives that drive tangible results for our clients worldwide

**Why work for Astound Commerce?**

Whether you're working directly with our world-renowned clients or with your Astound colleagues from around the globe, you will shape the future of digital commerce, using emerging technologies and innovative approaches.

**Grow your career with Astound Commerce, and discover exciting opportunities while doing the work you love**

**#LI-MS1**

LI-REMOTE