Analyst Info Security I

Edinburg, VA 22824, USA Req #2432
Tuesday, May 10, 2022
Shenandoah Telecommunications Company (Shentel) provides broadband services through its high speed, state-of-the-art cable, fiber optic and fixed wireless networks to customers in the Mid-Atlantic United States. The Company’s services include: broadband internet, video, and voice; fiber optic Ethernet, wavelength and leasing; and tower colocation leasing. The Company owns over 6,800 route miles of fiber and 223 macro cellular towers.  For more information, please visit www.shentel.com.
Job Summary
Responsible for reducing the impact of information security incidents and system compromises. Will do so by assisting with security monitoring, incident / event investigation and analysis, role-play through tabletop events and "purple team" exercises, contributing to documentation and playbooks to ensure repeatable security-focused processes, participating with security and data privacy assessment as well as providing recommendation for endpoints, servers, and network infrastructure. They are responsible for the understanding and identification of indicators of compromise (IoC) as well as helping understand evidence of attack in alerts or monitoring, by hunting through data, systems and from review of investigation notes. Position has a moral and legal responsibility to uphold all local, state, and federal regulations especially in regards to security and data privacy.

Job Responsibilities:
• Participate in security incident investigation and reporting according to the Incident Response Plan (IRP).
• Participate on industry best practice security and data privacy assessments for all third party vendors, contractors, consultants, auditors, applications (both on premise and cloud) as well as system-to-system connections on our internal and customer-facing networks.
• Contribute to network and application penetration tests, vulnerability assessment scans, and patch management / vulnerability remediation strategy planning.
• Monitor and advise on information security and data privacy issues related to the systems and their related data flows while ensuring internal security controls are appropriate and operating as intended.
• Conduct security and data privacy research in keeping abreast of latest information security as well as data privacy events, issues, and trends.
• Assist and support user and security posture awareness for IT teams as well as key information security partners for our customer facing servers, networks, and applications.
• Participate in any breach analysis activities to help discover root cause.

Qualification Requirements:
• Education: Four Year Degree in Computer Science, Networking Administration, or Cyber Security is required. Master’s Degree in Cyber Security is preferred.
• Experience Level:
o 3-5 years of Software Development, Network Administration, or Cyber Security experience is required.
o Experience in securing applications (front end / back end, SaaS), servers, or networks is required.
o Experience in the event log monitoring of computer systems is required.
o Experience with industry standard security frameworks (e.g., NIST, CIS, OWASP, Mitre Att&ck) as well as experience with PII, PHI, CPNI, and PCI data handling requirements is required.
o 0-2 years of Splunk or SIEM experience is preferred. Experience with SOX compliance is preferred.
o Experience with mobile device management (MDM) is preferred.

Job Skills & Knowledge:
Skill Requirements:
• Ability to review reports and system activity logs to identify critical events, categorize according to priority, and escalate as appropriate.
• Capability to gather information, analyze and evaluate evidence, draw conclusions, and share that knowledge gained in an appropriate manner.
• Ability to absorb intelligence information about threats and threat actors to help mitigate harmful events for the organization.
• Ability to develop and analyze processes.
• Understanding of security measures and testing at an application level that aim to prevent data or code from being stolen, manipulated, or hijacked.
• Ability to identify detailed information risk and to apply governance compliance concepts and principles.
• Must have excellent verbal and written skills.
• Must be able to work effectively in a team environment.
• Excellent capability to develop and document security architecture, assessment, and plans. Including strategic, tactical, and project plans.
• Ability to develop security policies, procedures, standards, and guidelines.
• Capability to work with a set of guidelines to help identify critical event data for additional analysis and escalation as appropriate.

Knowledge of:
• WSUS Management and Deployment, SCCM Package Building and Maintenance, Windows, Endpoint Protection and Compliance systems, Active Directory, Office 365, and SIEM solutions.
• Penetration/vulnerability test suites and compliance regulations (SOX, PCI, etc.).
• Applicable knowledge of Information Technology, security and data privacy fundamentals, and networking.

Certifications:
• CompTIA Network+ and Security+ Certifications preferred.

Shentel provides a drug-free workplace and is an EEO employer.  All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex (including sexual orientation and gender identity), national origin, disability, or protected Veteran status.

 

If you require accommodation or assistance to complete the online application process, due to a medical condition or impairment, please contact a HR Representative at 540-984-5241 or employment@emp.shentel.com. When you contact a HR Representative please identify the type of accommodation or assistance you are requesting.  We will assist you promptly.

 

For technical issues with the website, please contact employment@emp.shentel.com.

Other details

  • Job Family IT
  • Job Function Corporate
  • Pay Type Salary
This posting is inactive.
Location on Google Maps
  • Edinburg, VA 22824, USA