Share this Job

Sr. Security Analyst (Remote)

Date:  Jul 26, 2022
Location: 

remote, MA, US, remote

Onsite or Remote:  Remote
Company Name:  EBSCO Information Services

EBSCO Information Services (EIS) provides a complete and optimized research solution comprised of e-journals, e-books, and research databases - all combined with the most powerful discovery service to support the information needs and maximize the research experience of our end-users. Headquartered in Ipswich, MA, EIS employs more than 2,700 people worldwide, most now working hybrid or remotely. We are the leader in our field due to our cutting-edge technology, forward-thinking philosophy, and outstanding team. EIS is a company that will motivate you, inspire you, and allow you to grow. Our mission is to transform lives by providing relevant and reliable information when, where, and how people need it. We are looking for bright and creative individuals whose unique differences will allow us to achieve this inclusive mission around the world.

EBSCO Information Services, the leader in innovative digital content, is searching for a Senior Security Analyst. This individual will help guarantee the on-going security of customer-facing services and in web application development environments in our AWS Cloud and on-prem environments. This role will have responsibility for creating, scaling and operationalizing security vulnerability scanning, event monitoring and incident response procedures as well as performing security investigation and remediation activities.  The Security Operations Team is a small, efficient, tightly knit group – potential candidates should work well in a team environment and be comfortable working closely with others. There is a strong bias towards automating our security processes and “doing more with less” through the implementation of DevSecOps practices.  The ideal candidate would have both a background in process automation and security operations, but candidates with a strong work ethic and desire to learn will be considered.


Responsibilities include:

  • Strong focus on process automation and implementing security best-practice in the public cloud 
  • Principle contributor to the Cyber Incident Response Team (CIRT)
  • Security threat detection and remediation
  • Management of vulnerability scanning and remediation program
  • Liaising with program teams to address security issues
  • Ensure that workloads maintain compliance with security and governance standards
  • Work with Cloud Security Engineers and Architects to automate and tune SecOps solutions

 

Required Qualifications

  • Bachelor's Degree in technical or business discipline or equivalent experience
  • Experience with automation scripting (Python, Power Shell), Infrastructure as Code (Terraform, CloudFormation) and/or DevOps/DevSecOps functions
  • Some experience with IT security/incident management processes is strongly desired

 

Preferred Qualifications

  • Some exposure to security incident investigation and management and experience using common security tools (SIEM, Vulnerability Scanners, IDS/IPS, MDR)
  • An understanding of securing AWS Public Cloud and Hybrid Cloud environments is highly desired
  • AWS-specific skills (Networking: Route53, Direct Connect, etc.) and (Security: WAF, Config, CloudWatch, etc.)
  • Security Governance Certifications preferred (CISSP, CISM, CISA, CGEIT, CRISC)
  • Strong understanding of the Agile Development Framework
  • Experience defining, implementing, and engineering network environments compliant with information security policies, procedures and standards. Examples include:
    • Experience in Healthcare Insurance Portability and Accounting Act (HIPAA)
    • Child Online Privacy Protection Act (COPPA)
    • General Data Protection Regulation (GDPR)
    • Family Educational Rights and Privacy Act (FERPA)
    • FEDRAMP, ISO 27001
    • Service Organization Controls

COVID VACCINATION REQUIREMENT: As directed by Executive Order 14042: Ensuring Adequate COVID Safety Protocols for Federal Contractors, all current and newly-hired EIS employees in the United States are required to be fully vaccinated by January 18, 2022 or by their date of hire.
We are an equal opportunity employer and comply with all applicable federal, state, and local fair employment practices laws. We strictly prohibit and do not tolerate discrimination against employees, applicants, or any other covered persons because of race, color, sex, pregnancy status, age, national origin or ancestry, ethnicity, religion, creed, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, training, promotion, discipline, compensation, benefits, and termination of employment. We comply with the Americans with Disabilities Act (ADA), as amended by the ADA Amendments Act, and all applicable state or local law.


Job Segment: Information Security, Compliance, Application Developer, Engineer, Technology, Legal, Engineering