Black Knight is the premier provider of integrated technology, services, data and analytics that lenders and servicers look to first to help successfully manage the entire loan life cycle. Our deep understanding of regulatory and compliance issues complements the knowledge, technology and solutions we offer to help our clients achieve their business goals. Black Knight offers leading software systems; data and analytics offerings; and information solutions that facilitate and automate many of the business processes across the mortgage life cycle. JOB LOCATION: This position is remote / telecommute eligible. If located in Jacksonville, FL some onsite will be required. JOB FAMILY DESCRIPTION Monitors, analyzes and reviews security sensors and network traffic across the business, ensuring the company and its systems are protected from domestic or international security threa ts. Evaluates security incident response plans to ensure effectiveness and compliance with the information security program and regulatory requirements; manages intrusion detection remediation efforts; and supports Cyber Threat Intel Analysts to convert intelligence into useful detection. Uses information security tools and procedures to respond to inquiries. Recommends security solutions, advises on systems and application-level security configurations, and investigates/mitigates security risks as required. GENERAL DUTIES & RESPONSIBILITIES - Monitors and investigates IT security incidents for business units across the enterprise to prevent hackers from compromising company systems and information.
- Assists with incident handling requirements related to regulatory and compliance privacy issues.
- Prepares status reports on security matters to develop security risk analysis scenarios and response procedures.
- Assists with the development of incident response plans, workflows, and SOPs.
- Monitors, reviews and analyzes security sensors, security events, network traffic, and logs to engineer new detection methods.
- Identifies root cause and take proactive mitigation steps.
- Enforces security policies and procedures by administering and monitoring security profiles; reviews security violation reports; investigates possible security exceptions; and updates, maintains, and documents security controls.
- Maintains the company’s firewall and ensures utilization of encryption methods.
- Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness.
- Provides direct support to the business and IT staff for security-related issues.
- Represents the security needs of the organization by providing expertise and assistance in all IT projects with regard to security issues.
- Assist in integrating security tools and process automation via scripting and/or automation engines.
- Performs other related duties as assigned.
EDUCATIONAL GUIDELINES Bachelor’s Degree in Computer Science, Information Systems or the equivalent combination of education, training, or work experience. Professional certifications such as CISSP, CISM, ECIH, CHFI, GCIA, GCIH, GREM, GCFA, or CEH etc. are a plus GENERAL KNOWLEDGE, SKILLS & ABILITIES - Knowledge of incident handling requirements related to regulatory and compliance privacy issues
- Knowledge of forensic toolsets such as the following are a plus: Encase, SIFT, Volatility, or RedLine
- Ability to evaluate information security risk implications
- Background in conducting intrusion analysis and incident response for a large enterprise desired
- Familiarity with IT Regulations, PCI/Sarbanes-Oxley/Mass Privacy laws
- Previous experience with dynamic and/or malware analysis desired
- Extensive knowledge of technical security controls and technologies (e.g. IDS, IPS, traditional, NextGen and Web Application Firewalls; Data Loss Prevention; Antivirus, Anti-malware and Zero Day protections; Security Information and Event Management (SIEM)
- Experience with SIEM and/or log aggregation technologies a plus such as QRADAR, Splunk, ArcSight, ELK, etc.
- Keen understanding of networking concepts and protocols (such as DNS, SMTP, FTP, SSL, etc.)
- Understanding of threat vectors as well as exfiltration techniques is desired
- Understanding of cloud deployment models is a plus: Private Cloud, Public Cloud, Hybrid Cloud; Cloud service models: Infrastructure as a service (IaaS), Platform as a service (PaaS) and/or Software as a service (SaaS)
- Excellent analytical, decision-making and problem-solving skills
- Ability to develop partnership-oriented relationships with business executives and functional leaders, especially as it relates to operations and technology
- Strong background in security operations, processes, solutions and technologies
- Working knowledge of Linux, Windows, and Network Operating Systems
- Knowledge of infrastructure, key processes, and technology-oriented risk issues, specifically around security and privacy
- Demonstrated knowledge and understanding of information technology industry trends and emerging technologies and an ability to relate them to the company and its objectives
- Must be able to multitask in a fast-paced environment with focus on timeliness, documentation, and communications with peers and business users alike.
- Ability to communicate well both verbally and in writing to technical and non-technical audiences of various levels within Black Knight or outside the organization (executives, regulators, clients, etc.)
- Results oriented, business focused, and successful at interfacing across multiple organizational units
IT Security Analyst II Intermediate professional level role. Works independently on multiple IT security projects as a project team member, occasionally as a project leader. Works on moderately-complex to complex security issues or projects that require increased skill in multiple IT functional areas. Requires knowledge of security issues, techniques and implications across more than one (1) computer platform. Must have extensive knowledge in networking, databases, systems and/or Web operations. Primarily focuses on security administration, but may be involved in developing enterprise security strategies, management of security projects and more complicated security issues. May coach more junior staff. Typically requires four (4) or more years of combined IT and security work experience with a broad range of exposure to systems analysis, applications development, and database design and administration with at least one (1) year of experience i n the IT Security Analyst I role. Black Knight is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, disability, age, and protected veteran or military family status. Our employees’ diversity is our strength, and when we embrace our differences, it makes us better and brighter. Black Knight’s commitment to inclusion is at the core of who we are, and motivates us in how we do business each and every day. |