Description

Security Analyst

About this role...

As NWEA's Security Analyst , you will perform security assessments by analyzing computing environments to deter mine vulnerabilities; recommend safeguards to mitigate risks; and perform compliance reviews to ensure applications and servers are operating in accordance with established policies and procedures. You will work with cross functional teams to ensure security principles are integrated into daily practices . In addition, you will analyze and explain security vulnerabilities found during assess ments and provide gui dance on acceptable remediation . This position will be located at our downtown Portland headquarters and candidates must reside in or near the Portland metro area.

About us...

NWEA® is a research-based, not-for-profit organization that supports students and educators worldwide by creating assessment solutions that precisely measure growth and proficiency-and provide insights to help tailor instruction. For 40 years, NWEA has developed innovative pre-K-12 assessments, including our flagship interim assessment, MAP® Growth™; our progress monitoring and skills mastery tool, MAP® Skills™; and our reading fluency and comprehension assessment, MAP® Reading Fluency™. Educators trust our professional learning offerings to accelerate student learning and our research to support assessment validity and data interpretation. Our tools are trusted by educators in more than 9,500 schools, districts, and education agencies in 145 countries .

Your next challenge...

• M onitor security measures for the protection of computer systems, networks and information . Produce m etrics and Identify gaps in the ongoing operations of NWEA.
• Assist in preparing and documentation of standard operating procedures and protocols
• Design, develop, inform on, and audit security infrastructure devices such as network control systems (IPS / Firewall / Switches and routers with ACL s ) . Contribute to security controls and information security policies within the organization to protect the confidential data and critical systems. Review and identify updates to the policies as needed
• Perform vulnerability testing of all NWEA systems and a pplications
• Perform risk assessments and lead remediation efforts for risks and gaps
• Investigate intrusion incidents, indications of compromise, and associated incident responses
• Monitor appropriate system and application logs to look for trends in activity that could lead to security breaches
• Collaborate with colleagues and provide security advice across the organization on areas such as v ulnerability management, logging, authentication, authorization and encryption solutions
• Manage and a dministrate security tools and programs such as SIEM and vulnerability m anagement
• Evaluate and advise on new tec hnologies/trends that enhance security capabilities , considering NWEA 's roadmap
• Analyze security incidents to determine their root cause
• Act as a Security Evangelist and t rain employees in s ecurity awareness and procedure, including role-based training on application and systems securi ty
• Coordinate security plans with outside vendors
• Stay up to date on current security products, trends and emerging threats

Traits for success...

• E xperience in building and maintaining security systems
• Detailed technical knowledge of database and operating system security
• Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, application firewalls, etc .
• Experience with network technologies and with system, security, and network monitoring tools
• Experience with application security and Secure-SDLC. Ability to monitor and identify application risks
• Thorough understanding of the latest security principles, techniques, and protocols
• Basic understanding of web related technologies ( APIs, Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols
• Knowledge of industry accepted standards and best practices related to incident response operations
• Ability to interact with cross-functional tea ms, influencing the organization towards greater maturity in Information Security .
• Excellent written and verbal communication skills

Education and experience ...

• Prefer candidates with prior experience working in a security operation center
• BS degree in Computer Science or related field desired
• Experience in analytical and problem- solving skills related to network, system, forensic and malware analysis
• Experience with security technologies including Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls & Log Analysis, SIEM, Network Behavior Analysis tools, Antivirus, and Network Packet Analyzers, Security Systems Manager, malware analysis and forensics tools
• In-depth understanding of TCP-IP concepts and packet capture review utilizing tools to investigate suspicious events and anomalies
• K nowledge in information t echnologies, including computer hardware and software, operating systems, and networking protocols
• Knowledge of hacker tactics, techniques and procedures .
• At least two years of experience working with the technical aspects of Information Security
• F ive years of Information Technology experience desired .
• Knowledge and application of Information Security Frameworks and controls
• Strongly prefer candidates with a current Information Security certification such as CCSK, CCSP, CEH, GCIH, CISSP or CISA

What we can offer you...
At NWEA we not only offer a competitive base salary, we offer a 15% contribution of eligible employees' base salary to a defined contribution 403(b) retirement savings plan; career development opportunities; an awesome work culture and environment; we also offer industry leading benefits and perks that are focused on supporting our employees' holistic wellbeing. To learn more about what we can offer more, click here

NWEA™ endeavors to make www.nwea.org accessible to all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please call us at (503) 624-1951 or e-mail us at onlineaccommodations@nwea.org and let us know the nature of your request, your location and your contact information. This is for accommodation requests only and cannot be used to inquire about the status of applications.
NWEA™ is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please visit our NWEA website. If you'd like more information on your EEO rights under the law, please visit the EEOC website