XTN-D221233 | SENIOR SECURITY ANALYST

The Senior Security Analyst will be responsible for independently assessing security risks, identifying vulnerabilities, recommending remediation strategies, and improving GCI's overall security posture. The role will also lead the design and implementation of security controls aligned with organizational policies, ISMS practices, and ISO 27001 frameworks. This position will play a key role in supporting the next phase of GCI's security maturity program.

• Health Insurance/HMO
• Enjoy unlimited MadMax Coffee
• Diverse learning & growth opportunities
• Accessible Cloud HR platform (Sprout)
• Above standard leaves

• Protect systems and information infrastructure, including firewalls and data encryption programs
• Upgrade systems to enable security software
• Perform penetration testing to uncover vulnerabilities and implement remediation solutions
• Analyze IT requirements and provide objective advice on the use of IT security
• Gather feedback from end-users to continue improving information security
• Monitor computer infrastructure, systems and networks for security issues
• Investigate security breaches and other cybersecurity incidents
• Document security breaches and assess the damage they cause
• Fix detected vulnerabilities to maintain a high-security standard
• Stay current on IT security trends and technology standards. Test and evaluate new technology
• Develop company-wide best practices for IT security
• Research security enhancements and make recommendations to management

• Has experience in designing, implementing and operating IT controls in line with ISMS / ISO27001
• 4 to 5 years of hands-on experience in designing and implementing IT controls
• Has the ability to conduct independent risk and vulnerability assessment, propose and implement solutions to address root causes and improve the organization’s security posture
• Can identify preventive countermeasures to remediate critical vulnerabilities and improve the organization’s security posture
• Proven work experience as an Information Security Analyst or similar role
• Proficient with Microsoft Defender and Sentinel platform
• Working experience in SD-WAN, firewall, proxies, Microsoft 365, and Azure cloud
• Excellent written and oral communication skills
• Experienced with penetration testing and related techniques
• Ability to identify and mitigate infrastructure, systems, and network vulnerabilities

• Ability to independently assess, investigate, and recommend solutions for security risks and incidents
• Hands-on experience implementing security controls aligned with ISMS and ISO 27001
• Strong awareness of emerging cybersecurity threats, vulnerabilities, and risk management practices

Originally posted on Himalayas