Security Analyst

The Security Analyst performs two core functions for the enterprise. The first is the day-to-day operations of the in-place security solutions while the second is the identification, investigation and resolution of security breaches detected by those systems. Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments. The IT Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

Chickasaw Nation Industries, Inc. serves as a holding company with multiple subsidiaries engaged in several lines of business (Technology, Infrastructure & Engineering, Health, Manufacturing, Public Safety, Consulting, and Transportation) for the federal government and commercial enterprises. A portion of our profits is used to support Chickasaw citizens. We are proud to support the economic development and long-term viability of the Chickasaw Nation and its people. CNI offers premium benefits eligible on the first day of hire to full time employees; (Medical - Dental – Vision), Company Life Insurance, Short-Term and Long-Term Disability Insurance, 401(K) Immediate Vesting, Professional Development Assistance, Legal Aid Assistance Program, Family Planning / Fertility Assistance, Personal Time Off, and Observance of Federal Holidays.

As a federal contractor, CNI is a drug-free workplace and adheres to the Federal Controlled Substance Act.   

ESSENTIAL REQUIREMENTS

Must possess appropriate level of certifications for this position as required by the contract.

Must be able to obtain and maintain the required customer clearance for access to systems, facilities, equipment and property.

ESSENTIAL DUTIES AND RESPONSIBILITIES

Essential duties and responsibilities include the following. Other duties may be assigned.

Participates in the planning and design of enterprise security architecture.

Participates in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures).

Participates in the planning and design of a risk management plan, enterprise business continuity plan and disaster recovery plan.

Maintains up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.

Leads the review and impact processes for all incoming cyber security information: bulletins, vendor notifications and communications from government sources. Determine if CNI is affected and then lead the resolution processes if necessary.

Recommends additional security solutions or enhancements to existing security solutions to improve overall enterprise security.

Helps ensure that up-to-date baselines are maintained for the secure configuration and operations of all in-place devices e.g. security tools, workstations, servers, network devices, etc.

Monitors and maintains all operational configurations of all in-place security solutions as per the established baselines.

Partners with CNI’s 3rd party SOC in identifying anomalies, reviewing logs and leading the change control process based on change recommendations from the SOC and other trusted sources.

Reviews logs and reports of all in-place devices. Interprets the implications of that activity and devise plans for appropriate resolution.

Participates in incident response tasks, partnering with 3rd party SOC, cyber security insurance vendors, and internal resources.

Participates in the design and execution of vulnerability assessments, penetration tests, and security audits.

Provides on-call support for end users for all in-place security solutions; this can be 24x7 support.

Assists in creation and maintenance of a patching schedule; work with technical teams to develop patching priorities.

Leads process for new software requests: communicating with requestor(s) at all stages of the request cycle, contacting vendors for security compliance confirmations, leading phone calls as necessary, providing a technical review of all software requests for the CNI environment and working with management for proper reviews and approvals.

Assists the Information Security Compliance Manager with developing relevant security data reports.

Assists the Information Security Compliance Manager with managing the security training system and confirming completion of training by all employees.

Assists in the creation and maintenance of plan, policy, and procedure review schedule for the Enterprise.

EDUCATION / EXPERIENCE

Bachelor's degree and a minimum of one to two (1-2) years of relevant experience, or equivalent combination of education/experience.

PHYSICAL DEMANDS

Work is primarily performed in an office environment. Regularly required to sit. Regularly required use hands to finger, handle, or feel, reach with hands and arms to handle objects and operate tools, computer, and/or controls. Must be able to talk and hear. Occasionally required to stand, walk and stoop, kneel, crouch, or crawl. Must frequently lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds. May be required to lift, push or pull 50 pounds or more using cart or hand truck. Specific vision abilities required by this job include close vision, distance vision, depth perception, and ability to adjust focus. May work near moving or mechanical parts. May have exposure to chemicals, fumes, warehouse environment or adverse weather conditions. May be required to use safety and personal protective equipment.

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this job.

The estimated pay range for this role is $50K to $53K, with the final offer contingent on location, skillset, and experience. 

CNI offers a comprehensive benefits package that includes:

• Medical
• Dental
• Vision
• 401(k)
• Family Planning/Fertility Assistance
• STD/LTD/Basic Life/AD&D
• Legal-Aid Program
• Employee Assistance Program (EAP)
• Paid Time Off (PTO) – (11) Federal Holidays
• Training and Development Opportunities

Your application submission will be considered for all potential employment opportunities with Chickasaw Nation Industries (CNI).