The Security Analyst is responsible for ensuring that technical and procedural security controls are established and maintained within the organization and complies with a variety of security requirements as well as industry best practices. The position works closely with the Information Security Officer, IS leadership, and team members to implement and maintain security and compliance across LBMC. The Security Analyst will assist in managing Security Systems such as various endpoints, network logging, monitoring, physical access methods, and preventive systems as needed. The Security Analyst must focus on continuous improvement of response capabilities through automation and critical thinking. The professional is responsible for scrutinizing malware, targeted attacks, and intrusion detection. The Security Analyst will identify, investigate, and respond to information security alerts. They play an active role in searching through datasets, alerts, and notifications to detect any threats and anomalies. They will help resolve any issues related to network perimeter and security infrastructure devices. They must help resolve Windows and other security vulnerabilities. The Security Analyst must be able to dissect network, host, memory, and other artifacts that are originating from multiple operating systems and applications. The Security Analyst will perform enterprise-wide operations to identify any undetected threats. It is the responsibility of the Security Analyst to develop alerting and detection strategies to investigate any unusual behavior. They must develop new defensive techniques to recognize any changes in adversary techniques and tactics. The SecurityAnalyst must be involved in incident response and investigations. The Security Analyst may suggest tools and techniques to achieve security goals. The Security Analyst may perform well-researched security enhancement suggestions to the ISO which meet security standards that protect the organization from possible security breaches.
Essential Responsibilities
Security Alerts: Review, respond, and remediate where applicable;
Vulnerability remediation (may also be tasked with vulnerability administration, enhancements, scans, and automation development opportunities);
Phish campaign monitoring and resolution;
Analyze security systems and seek improvements on a continuous basis;
Report possible threats or software issues;
Research weaknesses and determine ways to counter them;
Understand software, hardware, and internet needs while adjusting them according to our business environment;
Assist fellow employees with cybersecurity, software, hardware, or IT needs;
Carry out and support information security plans and policies;
Respond to, investigate, and assist in recovery efforts related to a security breach;
Assist in Security Awareness training development and support;
Troubleshoot security and network problems;
Ensure the organizations data and infrastructure are protected by enabling and/or recommending appropriate security controls;
Participate and follow the change management process;
Daily administrative tasks, reporting, and communication within Information Security as well as relevant departments within the organization, as needed or directed;
Administer, configure, and troubleshoot security infrastructure devices such as Varonis;
Test new software and firmware, as needed or directed.
Operational Management
Work closely with IS Engineering, Security Engineers/Analysts, and other IS departments on corporate technology development to fully secure information, computer, network, and processing systems;
Recommend and implement changes, where appropriate, related to security policies and practices in accordance with changes in local and federal law;
Creatively provide resolution to security issues/problems in a cost-effective manner;
Collaborate with the Information Security Officer to establish and maintain systems for ensuring security and privacy policies are met.
Other security responsibilities as directed by the Information Security Officer
Other Qualifications
Minimum of 1 - 3 years progressive experience in Cybersecurity technology development/engineering, with an emphasis on cybersecurity technology installations projects, administration, development, support, and related security tools/technology implementations;
Position requires a 4-year degree in Information Systems, Computer Science, Information Security or similar. An equivalent combination of education and experience will be considered;
For those not meeting the minimum education, additional work-related experience will be deemed equivalent;
CISSP or related certification is an advantage;
Strong knowledge of core IT and Security infrastructures including Active Directory, Azure AD, Microsoft Windows security controls, SIEM, AV/EDR [specifically Microsoft o365/E5], IPS, PIM, PAM, IAM, Certificate Management, vulnerability scanners, etc.;
Working knowledge and experience in the following areas: Cloud computing security in Azure/Windows environments, security controls, security capabilities identification;
Experience in working on Microsoft products and can learn new systems quickly;
Experience with Nessus, Sentinel, Log Analytics, M365 Security stack, penetration testing, security patching, AppLocker, etc.;
Strong verbal and written communication skills required;
Must be able to handle multiple, simultaneous tasks effectively and efficiently while maintaining a professional, courteous manner;
Must be able to work well with others;
Must be detail oriented and organized;
High integrity, including maintenance of confidential information;
Must be able to exercise good judgement and positively influence others, including handling confrontations/conflict with poise and efficiency;
Focus on continuously improving skillset to meet security changes and challenges;
Based on business need, ability to work a flexible schedule, including some evenings and weekends as approved in advance or as required to support a security issue;
Regular and reliable attendance required.
LBMC Overview
LBMC is built on individuals with entrepreneurial spirits and believe in the power of a hybrid workforce. We are consistently named a Pacesetter for Growth in the U.S. as we continue to add team members to each of 4 LBMC offices in the Southeast. LBMC also continues to receive accolades including being noted as a Fortune Great Place to Work, a Top 5 Firm in the Southeast, a Top Accounting Firm on Accounting Todays Top 100 list, Best Firm in Technology, Best Workplace in Consulting & Professional Services, and more! We are proud to provide individualized career paths regardless of team member location and work schedules. LBMC offers competitive benefits including generous PTO schedules, robust Talent Development and continuing professional education programs, inclusive Business Resource Groups, enhanced parental leave, thoughtfully structured mentorship and individual development programs, and more. We are committed to giving back to our local communities through LBMC Initiatives such as Lending Hands Week and the LBMC Cares Foundation to support causes important to team members. While we may have a global footprint, we still believe in the power of southern hospitality and supporting the causes that matter to both our team members and clients and are committed to enhancing team member benefits as we identify gaps and changes in the marketplace. LBMC values individuals with a growth mindset and entrepreneurial spirit, so if you have an innate curiosity for solving problems and creating solutions-LBMC is the place for you! If you are interested in joining a firm that provides personalized career paths, the opportunity to work with sophisticated clients around the U.S., and encourages a "work that works for you" mentality, please reach out.
Diversity and Inclusion at LBMC
Commitment to our team members, clients, and the communities in which we work. At LBMC, our mission of delivering the best to our clients and each other every day is rooted in our unique differences. Our engagement, growth and success are at their best when team members have equal opportunity and are included. Diversity brings value to LBMC by connecting us with our community and driving innovation.
LBMC provides equal opportunities to all employees and applicants for employment. We recruit, employ, train, compensate and promote without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, genetic disposition, neurodiversity, disability, veteran status or any other protected category under federal, state and local law.