IT Security Analyst at Do it Best

Fort Wayne, Indiana, United States -

Full Time

Start Date

Immediate

Expiry Date

06 Jul, 26

Salary

0.0

Posted On

07 Apr, 26

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

IT security, Vulnerability assessment, Penetration testing, SIEM, Splunk, Python, Bash, PowerShell, Cloud security, Azure, AWS, GCP, Network security, Risk management, Agile, Scrum

Industry

Wholesale

Description

IT Security Analyst Location: Fort Wayne, IN Level: Salaried Division / Department: Information Technology, SecOps Reporting to position: Information Security Divisional Officer Travel: Minimal About the role: This position is responsible for assessing, implementing, and maintaining the security and integrity of data, applications, and infrastructure in collaboration with operations, engineering, and design teams. This role additionally provides design, development, and guidance for secure development practices by working with various project and product teams. This combination of red team and blue team skill sets will allow the analyst to not only identify security risks/vulnerabilities, but also provide guidance and recommendations for prevention and remediation. Responsibilities include: * Perform reviews of business application and infrastructure systems * Participate in various projects throughout the company with the objective of identifying cyber and information security risks * Develop strategies and plans to enforce security requirements and address identified risks * Develop T-shaped skills within all areas assigned to the Security and Operations team * Collaborate with team members from other subject domains to define and mature security practices * Partner with others on the Security and Operations team for technology research, innovation, and experimentation efforts * Possess the desire to grow both technically and professionally in the information security field Education and Experience: * Undergraduate degree with discipline in the areas of Computer Science, Management Information Systems, Information Assurance, or Cyber Security are preferred. Equivalent experience and/or training also acceptable * Familiarity with SIEM deployment and development with solutions like Splunk * Use of automated tools as well as manual testing methods to identify and validate vulnerabilities * Security practitioner certifications (CEH, CISSP, GIAC, OSCP, or equivalent) * Strong competency with security testing tools (e.g. Nessus, Nexpose, Qualys, Burp, Nmap, Kali, Metasploit, Responder, Wireshark, Kismet, Aircrack-ng, Redseal, Nipper, etc.) * Ability to demonstrate creating comprehensive deliverables (e.g. Penetration Test Reports, Configuration Review Assessments, Vulnerability Assessments, etc.) * Experience with scripting and/or programming languages such as Python, C#, Bash, PowerShell, etc. * Cloud PaaS experience with providers like Azure, AWS, and GCP * Ability to manage and/or enhance services to integrate Static and Dynamic Application Security Testing into the SDLC, ensuring that new applications or applications undergoing a major change are assessed for vulnerabilities prior to production implementation * 2+ years of experience performing Vulnerability Assessments, Penetration Tests, Wireless Security Testing and/or Configuration Review Skills and Abilities: * Must be proactive and have a strong work ethic * Must be organized and able to plan/orchestrate work activities * Must have excellent analytical and problem-solving skills * Must be able to work independently and in a team environment * Must be an effective communicator in both technical and common business language * Must be an effective communicator in both written and verbal forms * Understanding of agile and lean frameworks, including Scrum and Kanban Benefits available to you: * Full insurance benefits package including Medical, Dental, & Vision * Paid time off to foster work/life balance * Profit sharing * Bonus Pay opportunities * Retirement funding opportunities * Education reimbursement * Health club reimbursement * Career advancement opportunities About Do it Best: Based in Fort Wayne, IN, Do it Best is the only US-based, member-owned comprehensive and fully integrated hardware, lumber, and building materials buying cooperative in the home improvement industry. With annual sales of nearly $6 billion, Do it Best serves thousands of member-owned locations across the United States and in more than 60 other countries, and is now part of the Do it Best Group, the world’s largest independent home improvement co-op. For more information, visit doitbestonline.com [https://doitbestonline.com/] and follow us on Facebook [https://www.facebook.com/doitbestcorp], Instagram [https://www.instagram.com/doitbestcorp/?hl=en], and LinkedIn [https://www.linkedin.com/company/do-it-best-corp.]. Culture: Each team member is valued as an individual - with their intrinsic value at the forefront. We prioritize your career growth through one-on-one training, conferences, tuition assistance, mentoring and more. We encourage authentic relationships by hosting social events and fostering a culture where lasting friendships are made. In fact, the three most valued aspects of being a part of the Do it Best team are the culture, the compensation, and the level of fulfillment that each team member experiences from their role. Our Philosophy: Serving others as we would like to be served Our Mission: Making the best even better Our Goal: Helping members grow and achieve their dreams Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Responsibilities

The IT Security Analyst is responsible for assessing and maintaining the security of data, applications, and infrastructure through red and blue team activities. They will identify security risks, develop prevention strategies, and collaborate with engineering teams to implement secure development practices.