Information Security Analyst

Company: Verra Mobility
Location: Mesa
Posted on: June 20, 2022

Job Description:

Who we are---Verra Mobility is a global leader in smart mobility. We develop technology-enabled solutions that help the world move safely and easily. We are fostering the development of safe cities, working with police departments and municipalities to install over 4,000 red-light, speed, and school bus stop arm safety cameras across North America. We are also creating smart roadways, serving the world's largest commercial fleets and rental car companies to manage tolling transactions and violations for over 8.5 million vehicles. And we are a leading provider of connected systems, processing nearly 165 million transactions each year across 50+ individual tolling authorities. Position Overview:The Information Security Analyst is an important member of the Information Security team and will support the Verra Mobility information security program by continuously monitoring the enterprise for suspicious or malicious activity. The security analyst is the information security team's first responder, responsible for investigating security offenses raised by the security information and event management platform and performing routine care and feeding of information security tools, agents and infrastructure. Additionally, the security analyst will evaluate and improve existing security related processes and procedures, respond to security incidents as outlined in the company's security incident response plan, provide security related guidance to the enterprise and contribute to risk based analysis of trending and emerging threats. Essential Responsibilities:

• Monitors log and event output from multiple information security tools including but not limited to security information and event management products, firewalls, network and host based intrusion prevention systems, web content gateways, e-mail security appliances, threat intel platforms, antivirus products, vulnerability scanners and user behavior analytics platforms.
  • Investigates anomalies and responds according to established security offense handling procedure.
  • Performs routine but critical information security technology tasks including but not limited to IPS signature review and testing, firewall rule change requests, antivirus product exceptions and policy changes, SIEM rule tuning, web proxy configuration changes, e-mail security investigations, firewall change request reviews and software approval assessments.
  • Participates in security incident response procedures and planning.
  • Processes information security policy changes as determined by information security team leadership.
  • Researches trending threats and provides weekly vulnerability reports with accompanying security tools impact analyses.
  • Acts as a technical resource during internal and external audit engagements and is responsible for gathering security related technical evidence as required.
  • Educates employees in information security best practices.
  • Stays abreast of developments in the Information Technology industry specifically as they relate to Information Security.
  • Takes initiative on leading security related projects as determined by information security team leadership.
  • Represents the information security team on cross team co-operative projects with other shared service organizations as required. Qualifications:
    • A bachelor's in computer science, information technology or a related program OR a High School Diploma/GED and appropriate on the job experience in information technology and/or information security.
    • Minimum of 1 year experience as an information security analyst or 2 years of experience in a technical focused IT role including but not limited to service desk, server administration, network administration, or other IT systems support role.
    • Candidates should have a working knowledge of basic information security concepts and beginning to intermediate familiarity with common security technologies such as anti-virus, firewalls, DLP, web content filters, proxy servers, intrusion prevention systems, Windows event logging and syslog.
    • Experience with using and/or managing a commercial SIEM is a plus.
    • Candidates should be familiar with networking fundamentals and have a basic to intermediate understanding of common network and application layer protocols such as TCP/IP, HTTP, DNS, SMTP and FTP.
    • Information Security certifications, such as: CISSP, GSEC, GCED, Security+, etc. are a plus.
      • Other entry level IT certifications, such as: Network+, Linux+, CCENT, etc. are a plus.
        • Security analysts will be expected to obtain the GIAC GSEC certification within 1 year of employment start date. Aligned with Verra Mobility Values:
          • Do What's Right - We're committed to doing the right thing for each other and for our customers - integrity is our DNA.
          • Lead With Grace - We embrace the importance of our colleagues and customers and always treat them with kindness and grace.
          • Own It - We foster a culture of accountability and excellence, where going the extra mile is standard practice.
          • Win Together - We are ambitious and like to win, but we know we win more when we include others and work together.

Keywords: Verra Mobility, Mesa , Information Security Analyst, Professions , Mesa, Arizona