The Information Technology (IT) Services group is a strategic practice unit within GBQ that serves internal and external GBQ clients at each of our locations. The Associate Security Analyst/Senior will participate in assessment projects, report writing and controls implementation. Our ideal candidate is an experienced IT professional whose career includes a broad range of hands-on experience working within a professional IT environment with some security responsibility. We serve clients throughout the Midwest with a majority of our clients located in Ohio or surrounding states. Focus on four major initiatives established by the Firm: Profitability, Practice Growth; Client Focus; and Brand Culture/Development.
- Serve the IT Services group as the lead security tools technologist.
- Implement vulnerability management tools and other technical safeguards in client environments
- Cybersecurity and Network Security Vulnerability/Penetration Assessments, safeguard and system selection research, technology assessments.
- Team player and deadline oriented
- Ability to multi-task and set workload priorities in a fast-paced environment
- Complete assignments within established budget for assigned areas.
- Achieve charge hour budget and minimum billable hours as set by Firm.
- Participate in “approved” non-client initiatives to improve firm administration.
- Consistently utilize all firm and department software efficiently.
- Represent firm and build relationships by participating in outside activities.
- Develop and demonstrate strong leadership skills.
- Demonstrate excellent written and verbal communication skills.
- Ability to provide outstanding client service
- Attention to detail and accuracy
- Analytical and creative problem solving skills
- Ability to perform technical scans for infrastructure vulnerabilities using commercially available tools
- Flexibility with travel and hours
- Work in partnership with other team members and client personnel to help ensure efficient flow of information from client to IT Services/Audit team.
- Comprehend new, complex issues and perform basic research to solve complex problems.
- Exemplify Brand Attributes of the Firm.
- Comply with all policies and procedures of the Firm
- Demonstrate ability to work in a team environment and address conflict with peers.
- Consistently seek feedback on performance from superiors and enhance and develop professional and technical skills.
Work Experience and Education:
- College graduate or non-degree candidates with relevant military or work experience
- Prefer 1-3 years of progressive IT experience in a professional environment with an exposure to cyber security operations.
- Awareness of security laws, regulations, guidance, policies and directives would be helpful
- Familiarity at least one control framework (e.g. NIST, ISO, CIS, etc.)
- Must be technically proficient in performing their assigned duties with minimal supervision while also working within a team environment
- Experience with:
- Vulnerability management and patch management processes and tools
- Malware and eradication
- Working knowledge in the following technical domains:
- TCP/IP, UDP, DNS, FTP, NetBIOS, and other protocols.
- Understanding of Linux, UNIX, Windows, and mobile operating systems
Network services, vulnerabilities and attacks
- Exploits and vulnerabilities
- Programming and shell scripting
- Strong analytical skills required; must be detail-oriented with an ability to develop and apply complex concepts
- Strong Microsoft Office skills required, including Microsoft Word, PowerPoint and Excel (Access and Visio a plus)
- Strong written and verbal communication skills required
- Some travel required
- Associate Security Analyst/Senior will report directly to a Performance Manager who will provide any necessary guidance relative to administrative issues or work performance through the formal evaluation process.
- Flexibility with travel and hours
- Reliable transportation for on-site client work.