Jr. Security Analyst

Works for and under the general direction of the head of Information Security. Responsibilities include implementing and managing the day to day operation of the organization's information security program. The Information Security organization plays a critical role in ensuring that Star Group's technology and information assets are appropriately guarded from external and internal threats.

Responsibilities

Work with Star Group, L.P. management and staff, third party security consultants, and managed service providers to assess risks, establish priorities, conduct reviews, and implement solutions

• Work on day-to-day tasks in managing the information security posture of the organization
• Design, implement, and operate information security best practices and procedure
• Develop and manage security and process documentation.
• Ensure that required security control initiatives are executed on schedule and in line with Star Group's Information Security program objectives
• Develop and manage metrics and reporting designed to measure Information Security program effectiveness and ensure compliance with Star Group policies, compliance regulations, and industry best practices alongside the Star Group senior IT leadership
• Monitor external threat environment to ensure Star Group is responsive to near and far term threats
• Respond to and aid in resolution of cyber security threats that may impact the confidentiality, integrity, or availability of Star Group systems and affect constituents or personnel
• Engage in special projects and other duties as assigned
• Commitment to work collaboratively and respectfully toward resolving obstacles and/or conflicts

Minimum Requirements

• 3+ years of relevant work experience in IT security operations in an enterprise environment, preferred
• Demonstrated knowledge of technology processes, risks, infrastructure, and information security
• Experience designing and operating enterprise security controls
• Experience with incident response and handling
• Expertise with security assessment methodology and vulnerability management
• Experience with both windows based enterprise infrastructure and cloud applications and environments
• Knowledge of web security best practices, including certificate management, encryption protocols, and common vulnerabilities

• Experience with Cisco enterprise grade products to include: Cisco switches, Meraki, ASA, Palo Alto firewalls, IPS/IDS,
• Solid understanding of security technologies including firewalls, VPN and Remote Access
• Knowledge of NAC and 802.1x technologies
• Knowledge of server load-balancing and LTM and GLB platforms.
• Experience with Wi-Fi network design, security measures and threat countermeasures a plus
• Knowledge of commercial enterprise-level tools and products to provide network services, including: firewalls, IPS/IDS, DNS, DHCP, web security, TACACS+, VPN and NAC.

• Ability to work effectively with stakeholders across departments and affiliated organizations
• Excellent problem solving and strong project management skills

• Requires excellent verbal and written communication skills. Must have the ability to provide the "Basic" explanation of technology for nontechnical managers, directors and above.
• Performs related duties and fulfills responsibilities as required.
• Self-motivated and the ability to work under limited supervision.

Benefits:

Your hard work and professional dedication will be rewarded with a competitive compensation and benefits package, including:

Medical coverage

Dental coverage

401(k)

Plus more!

The salary range for this role is $70,000 to $80,000 annually.

We are proud to be an equal opportunity employer and are committed to a drug and alcohol-free workplace.

Location: Woodbury, NY, US

Posted Date: 12/22/2024