Cybersecurity Analyst 3

The Cyber Security Analyst is responsible for maintaining the integrity and security of enterprise-wide systems, networks, and applications at Jefferson. Supports cyber security initiatives through predictive and reactive analysis, articulating emerging trends to leadership and staff. Acts as an active player during enterprise incident response efforts, driving incidents to timely and complete resolution. Reviews threat data from various sources and develops detection and response capabilities; correlates actionable security events into the Security Event and Incident Management platform. Utilizes understanding of attack signatures, tactics, techniques, and procedures associated with advanced cyber security threats. Develops analytical products and processes fusing enterprise and all-source intelligence.


ESSENTIAL FUNCTIONS:

  • Develop and carry out information security policies and standards.
  • Develop or implement a cyber security tool set to assist in detection, prevention, and analysis of security threats.
  • Develops security strategies to respond to and recover from a security breach, with a strong understanding of Security Operation Center (SOC) operations, both on-premises and managed.
  • Awareness training of the workforce on cyber security standards, policies and best practices.
  • Experience using Windows / Unix / Linux / iOS systems in server and workstation environments. Strong understanding of hardware / software and cloud environments.
  • Expert in analyzing and investigating network and system intrusions and malware attacks, and in recommending / implementing prevention methods.
  • Experience with Data Loss Prevention (DLP) systems, implementation, and process in on-premises and cloud environments.
  • Experience in cyber security incident response and breach investigations including forensic investigations.
  • Take ownership of multiple security products through their lifecycle, e.g. DLP, Vulnerability Management, SIEM, etc.
  • Must be able to co-ordinate project management and drive adoption of new capabilities.
  • Must mentor junior members in the team for success of their individual ownership.
  • Exhibit leadership skills to lead team members by mentoring and coaching junior staff.
  • Exhibit leadership skills by coordinating and using resources in other teams to deliver complex projects and new capabilities for the organization in the security space.
  • Exhibit consistency of security project & product delivery over 7+ years involving highly complex projects.
  • Exhibit ability to deliver measurable value for the organization.
  • Build reports and dashboards for immediate and executive management.
  • Reviews IT systems and business processes to identify information security risks and regulatory non-compliance, and guide remedy of issues noted.
  • Designs and delivers training on various Cyber Security initiatives.
  • Maintains familiarity with HIPAA / PCI-DSS and other Information Security regulations.
  • Interacts with co-workers, visitors, and other staff consistent with the iSCORE values of Jefferson.

OTHER FUNCTIONS AND COMPETENCIES:

  • Active team player in cyber security projects at Jefferson.
  • Conducts various cyber security assessments, including risk assessments, DLP assessments, and vulnerability assessment and remediation, and reporting.
  • Generates information security metrics by collecting and reporting on data from various systems and methods.
  • Supports other information security operations as required.

EDUCATIONAL/TRAINING REQUIREMENTS:

Bachelor’s degree in an information technology field preferred.


CERTIFICATES, LICENSES, AND REGISTRATION:

At least one information security certification, such as an SSCP, GSEC, or professional certificate, required. CISSP or CISM preferred.


EXPERIENCE REQUIREMENTS:

At least five years of experience in an information security function; ability to multi-task; a keen eye for detail; strong organizational skills; the ability to thrive in fast-paced, high-stress situations; and the ability to communicate cyber security issues to peers and management.

3+ years of solid understanding of Cyber Security & IT controls, network / systems / application penetration testing and vulnerability assessments. Experience with NIST and ISO frameworks. Solid knowledge of HIPAA, HITECH, and other IT security governing bodies.