| Black Knight is the premier provider of integrated technology, services, data and analytics that lenders and servicers look to first to help successfully manage the entire loan life cycle. Our deep understanding of regulatory and compliance issues complements the knowledge, technology and solutions we offer to help our clients achieve their business goals. Black Knight offers leading software systems; data and analytics offerings; and information solutions that facilitate and automate many of the business processes across the mortgage life cycle. JOB FAMILY DESCRIPTION<b r />
The IT Security Analyst III , analyzes, reviews and responds to security incidents and events across the business, ensuring the company and its systems are protected from domestic or international security threats. Evaluates security incident response plans and playbooks to ensure effectiveness and compliance with the information security progra
m and regulatory requirements; manages intrusion detection remediation efforts; and supports Cyber Threat Intel Analysts to convert intelligence into useful detection. Uses information security tools and procedures to respond to inquiries. Recommends security solutions, advises on systems and application-level security configurations, and investigates/mitigates security risks as required. This position is eligible to work Remote. GENERAL DUTIES & RESPONSIBILITIES
</b - Monitors and investigates IT security for business units across the e
nt
erprise to prevent hackers from compromising company systems and information.
- Assists with incident handling requirements related to regulatory and compliance privacy issues.
- Prepares status reports on security matters to develop security risk analysis scenarios and response procedures.
- Assists with the development of incident response plans, workflows, and SOPs.
- Monitors, reviews and analyzes security incidents, security events, network traffic, and logs to engineer new detection methods.
- Identifies root cause and take proactive mitigation steps.
- Enforces security policies and procedures by administering and monitoring security profiles; reviews security violation reports; investigates possible security exceptions; and updates, maintains, and documents security controls.
- Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness.
- Provides direct support to the bu
sine
ss and IT staff for security-related issues.
- Represents the security needs of the organization by providing expertise and assistance in all IT projects with regard to security issues.
- Assist in integrating security tools and process automation via scripting and/or automation engines
- Performs other related duties as assigned.
EDUCATIONAL GUIDELINES Bachelor’s Degree in Computer Science, Information Systems or the equivalent combination of education, training, or work experience. Professional certifications such as CISSP, CISM, GCIA, GCIH, GREM, GCFA, or CEH etc. are a plus. GENERAL KNOWLEDGE, SKILLS & ABILITIES - Ability to evaluate information security risk implications
- Background in conducting intrusion analysis and incident response for a large enterprise desired
- Experience in digital forensics and analysis>
<li
>Knowledge of incident handling requirements related to regulatory and compliance privacy issues.</li
- Familiarity with IT Regulations, PCI/Sarbanes-Oxley/Mass Privacy laws a plus
- Knowledge of forensic toolsets such as the following are a plus: Encase, SIFT, Volatility, or RedLine
- Previous experience with dynamic and/or malware analysis desired
- Extensive knowledge of technical security controls and technologies (e.g. IDS, IPS, traditional, NextGen and Web Application Firewalls; Data Loss Prevention; Antivirus, Anti-malware and Zero Day protections; Security Information and Event Management (SIEM)
- Experience with SIEM and/or log aggregation technologies desired such as QRADAR, Splunk, ArcSight, ELK, etc.
- Keen understanding of networking concepts and protocols (such as DNS, SMTP, FTP, SSL, etc.)
- Understanding of threat vectors as well as exfiltration techniques is desired
- Knowledge of Windows Defender ATP
and Offi
ce 365 is a plus
- Understanding of cloud deployment models is a plus
- Excellent analytical, decision-making and problem-solving skills
- Ability to develop partnership-oriented relationships with business executives and functional leaders, especially as it relates to operations and technology
- Strong background in security operations, processes, solutions and technologies
- Working knowledge of Linux, Windows, and Network Operating Systems
- Knowledge of infrastructure, key processes, and technology-oriented risk issues, specifically around security and privacy
- Demonstrated knowledge and understanding of information technology industry trends and emerging technologies and an ability to relate them to the company and its objectives
- Must be able to multitask in a fast-paced environment with focus on timeliness, documentation, and communications with peers and business users alike.
- Ability to commun
icate well
both verbally and in writing to technical and non-technical audiences of various levels within Black Knight or outside the organization (executives, regulators, clients, etc.)
- Results oriented, business focused, and successful at interfacing across multiple organizational units
IT Security Analyst III Advanced professional level role. Works independently on many IT security projects as a project team member, more frequently as a project leader. Works on large, complex security issues or projects that require increased skill in multiple IT functional areas. Requires extensive knowledge of security issues, techniques and implications across all existing computer platforms. May manage or serve as a project leader for IT security projects or the security components of multi-discipline projects. Must have extensive knowledge in networking, databases, systems and/or Web operations. May coach more junior staff. Typically req
uires six (6
) or more years of combined IT and security work experience with a broad range of exposure to systems analysis, applications development, and database design and administration and at least three (3) or more years of experience in a lower-level IT Security Analyst role. Although target pay ra
nge may vary by work location, a representative pay range is $96,000 – $120,000. Eligible to participate in medical, dental and vision insurance, life insurance and disability insurance, 401(k) plan and employee stock purchase plan. Eligible to participate in the discretionary annual performance bonus. Black Knight is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, disability, age, and protected veteran or military family status. Our employees’ diversity is our strength, and w
hen we embrace
our differences, it makes us better and brighter. Black Knight’s commitment to inclusion is at the core of who we are, and motivates us in how we do business each and every day. |
