Information Security Analyst
As a hands-on Information Security Analyst, you will be part of a small but highly motivated Information Systems team that designs, builds and maintains all of the infrastructure that is the foundation for all ShotSpotter services. Working closely with the team you will be responsible for installing, monitoring and maintaining security infrastructure including firewall, endpoint protection and tacking incidents.
- Monitor ShotSpotter’s networks and systems for security breaches and investigate any violations as they occur.
- Prepare reports that document security breaches and the extent of the damage caused by the breaches.
- Install and use software, such as firewalls, data encryption and endpoint protection, to protect sensitive information.
- Perform security audits on third party vendors.
- Analyze results of penetration testing and recommend remediations.
- Research the latest information technology (IT) security trends.
- Drive our information security standards and best practices across the organization.
- Recommend security enhancements to management or senior IT staff.
- Help computer users when they need to install or learn about new security products and
- Ensure onboarded and offboarded computer systems are correctly installed, archived and wiped for arriving or departing employees.
You will be heavily involved with creating ShotSpotter’s disaster recovery plan, that will be followed in case of emergency. The plan should ensure the continued operation of ShotSpotter’s key systems. The recovery plan should include preventive measures such as regular backups to offsite location and plans to restore proper functional systems after a disaster or ransomware attack. You will be responsible for continually testing the plan and auditing that all necessary data copies are made on a regular basis.
You will be expected to stay up to date on IT security and on the latest methods attackers are using to infiltrate computer systems. You will need to research new security technology and help decide what will most effectively protect ShotSpotter.
- Bachelor’s in computer security, Computer Science or similar degree.
- 3 or more years operational experience with computer security and monitoring including using a SIEM on a daily basis.
- Extensive experience with Linux and Windows operation systems.
- Strong knowledge of endpoint protections such as Carbon Black, CrowdStrike and Sentinel One.
- Some knowledge of AWS and cloud computing environments.
- A strong understanding of modern system, network and service-related security best
- Firm technical grasp on the usual suspect services and protocols such as DNS, LDAP, SMTP, HTTP, TCP/IP, SSL, etc.
- Solid understanding of networking and distributed computing concepts.
- Superior troubleshooting skills.
- Immaculate attention to detail.
- Strong English communication skills.
- Willingness to stand in an on-call Tier 3 rotation as part of the engineering experts supporting our 24/7 operation.
- CISSP or Security+ certified beneficial.
- Experience with AlienVault.
- Experience with Palo Alto and Juniper SRX firewalls.
- Knowledge of AppSec and/or DevSecOps.
- Knowledge of NIST 800-53 moderate controls.
- Knowledge of CJIS.
LOCATION: SF Bay Area, Remote
REPORTS TO: Sr. Director, Technology
The company reserves exclusive right in its sole discretion to modify, adjust, delete, add or otherwise change the above at any time.
If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact ShotSpotter at +1.510.794.3183 or firstname.lastname@example.org for assistance.