Cyber Security Analyst

The Cyber Security Analyst is responsible for assisting with the day-to-day operations of securing the firm's various information systems. The Cyber Security Analyst is tasked with providing technical expertise in all areas of network, system, and application security. Works closely with the various team members in the Information Technology department to ensure that systems and networks are always designed, developed, deployed, and managed with an emphasis on strong, effective security and risk management controls. The Cyber Security Analyst leads the firm's vulnerability management program, manages the annual cybersecurity assessments and penetration tests, and researches and reports on emerging threats to help the firm take pre-emptive risk mitigation steps. Effectively correlates and analyzes security events within UFP's systems environment to proactively detect threats and mitigate attacks before they occur.

Cyber Security Analyst Duties and Responsibilities:

• Studies evolving threats and other industry developments related to cyber security.
• Researches / evaluates emerging cyber security threats and ways to manage them.
• Plans for disaster recovery and creates contingency plans in the event of any security breaches.
• Monitors for attacks, intrusions and unusual, unauthorized or illegal activity.
• Tests and evaluates security products.
• Designs new security systems or upgrades existing ones.
• Uses advanced analytic tools to determine emerging threat patterns and vulnerabilities.
• Runs internal security scans, coordinates mitigation and tracks results.
• Investigates security alerts and is a part of the incident response team.
• Monitors identity and access management, including monitoring for abuse of permissions by authorized system users.
• Liaises with stakeholders in relation to cyber security issues and provides future recommendations.
• Generates reports for both technical and non-technical staff and stakeholders.
• Maintains an information security risk register and assists with internal and external audits relating to information security.
• Creates and conducts employee training programs related to cyber security.
• Monitors and mitigates 'phishing' emails and 'pharming' activity including conducting employee training and re-training.
• Assists with the creation, maintenance and delivery of cyber security awareness training for colleagues.
• Coordinates the creation and maintenance of cyber security policies and standards.
• Responds and manages helpdesk tickets related to cyber security.
• Coordinates projects related to cyber security such as CMMC certification.
• Performs all other duties as assigned or needed.

• Bachelor's in cyber security or related discipline.
• Hands-on experience.
• 2+ years of systems administration in an active directory environment.
• 2+ years of cyber security experience.
• Security+ certification.
• Experience / familiarity with the following :
  • IT Security Frameworks (NIST, GDPR, PCI, ISO 27001, CMMC, etc.)
  • IT Security Tools (Nessus, Kali Linux, Metaspolit, Wireshark, etc.)
  • Azure / Office 365
  • Endpoint, server and network malware detection
  • SQL Server
  • SharePoint
  • ERP systems
  • Security+
  • Scripting language (Powershell, Python, etc.)
  • Linux

To apply for this job please create a profile with us through our online application system. Click the "Apply" box in the upper right-hand corner to start the application process. Or, if you already have a social media account with LinkedIn, Google, or Facebook you can use your log in credentials to apply.

UFP Technologies, Inc. is an Equal Opportunity/Affirmative Action employer Minorities/Women/Veterans/Disabled.

#UFP #CORP #NBPT