IT Security Analyst

Guild Mortgage Company, closing loans and opening doors since 1960. As a mortgage banking firm we are dedicated to serving the home owner/buyer. Our goal is to provide affordable home financing for our customers, utilizing the best terms available while providing a level of professionalism and service unsurpassed in the lending industry.

Position Summary

The IT Security Analyst defends against cybersecurity incidents and identifies, analyzes, communicates, and contains incidents as they occur. The role is primarily responsible, under general direction, for the identification and support of technologies designed to protect the confidentiality, integrity, and availability of Guild’s information systems. The IT Security Analyst works with technical and non-technical staff to ensure that deployed technologies are effectively and efficiently providing the intended controls consistent with established policies and procedures.  

Essential Functions

• Conducts network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls, and host-based security systems.
• Conducts log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources.
• Deploys cloud-centric detection to detect threats related to cloud environments and services used by the organization.
• Correlates activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous activity.
• Reviews alerts and data from sensors, and documents formal, technical incident reports.
• Works with threat intelligence and/or threat-hunting teams.
• Provides network subscribers with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary.
• Works with security information and event management (SIEM) to manage/tune the system, create/manage the detection content and actively watch for alerts.
• Correlates network, cloud, and endpoint activity across environments to identify attacks and unauthorized use.
• Research emerging threats and vulnerabilities to aid in the identification of incidents.
• Provides users with incident response support, including mitigating actions to contain activity, and facilitating forensics analysis when necessary.
• Perform security standards testing against computers before implementation to ensure security.
• Ensure authorized access by investigating improper access, revoking access, reporting violations, monitoring information requests by new programming, and recommending improvements.
• Participate as a member of the Incident Response Team.

Qualifications

• Bachelor’s degree in Computer Science, cybersecurity, or related field.
• 2+ years of experience in IT audit, enterprise risk management, penetration tester, red team/incident responder, or as a junior security operations …