IT Security Analyst
This position is responsible for implementing, administering and maintaining Norwegian Cruise Line's enterprise security solutions and tools. This entails monitoring queues in the ticketing system while working closely with Norwegian's Solutions Desk Team to identify, document and mitigate security concerns as related to overall access to Norwegian Cruise Line resources. Also entails applying fundamental security and access frameworks to assist with the development and maintenance of security controls as well as training end users in security best practices through presentations, newsletters and other media associated with IT Security and the protection of data.
Proficiency in general Windows administration to include working knowledge of system, application and network technology that operates on a Windows platform. Working knowledge of creating, modifying and deleting accounts in Active Directory and corporate applications as well as re-setting passwords and supporting end users. Ability to assist with creating documentation for training and reference purposes. Ability to apply the business terminology and processes for the security systems supported. Working knowledge of the business requirements for the security systems related to areas of support. Ability to communicate with tact and diplomacy, both orally and in writing, in order to work professionally with team members at all levels within the company as well as to present issues and recommend solutions. Ability to support resource access requirements for all corporate office and ships where applicable. Ability to work well and maintain a professional composure when working under stress and pressure. Ability to use prudent judgment to maintain a high degree of confidentiality and safeguard sensitive information.
Bachelor’s Degree in Computer Science or a closely related field or Associate’s Degree in Computer Science that includes a minimum 5 years hands-on work experience in IT security.
Minimum 3 to 5 years work experience in IT security with at least 1 year of experience focusing on identity and access management.
Implements, administers and maintains enterprise security solutions such as anti-virus, endpoint encryption, two-factor authentication, VPN remote access solutions, file integrity/monitoring tools, password management tools, security incidents and event management tools. Meets compliance responsibilities such as log monitoring, anti-virus reviews and access reviews. Analyzes the data and trends then reports on any findings or suspicious activities. Opens tickets and escalates activities required from other team members. Maintains evidence of reviews by opening a ticket for the activity in the Service Desk ticket system. Reviews anti-virus status daily by individually going into the consoles of the ships, remote offices and corporate office and helps resolve or escalate issues that can present risk to Norwegian Cruise Line's systems. Monitors departmental mailbox for access and security requests. Analyzes and validates access requests against the approvals matrix. Access includes, but is not limited to, creation and maintenance of the following: Active Directory user and group accounts, mailboxes, distribution lists, Seaware, Oracle, PeopleSoft, MAPS, MXP and Oasis. Grants additional access to resources (shared folders and departmental mailboxes), Service Desk contacts and VPN Portal for vendors and team members. Implements and maintains security solutions with hardware, software and processes. Installs equipment from the beginning, testing and promoting phases to production based on a Network Engineer's project plans. Applies patches, monitoring and escalating space limitations, identifying risk thresholds and upgrading software. Uses ticketing systems to monitor, manage, update and create tickets. Generates requests, incidents and changes for other teams. Generates monthly and quarterly user access reports and provided to business units for review. Works with business units on security best practices and trains new team members. Manages the message across the company for consistency. Attends each New Team Member Orientation and any special requests from departments to help train team members in matters concerning IT security and data handling. Works closely with Security Engineers to implement, manage and support the following solutions: AV, Scanmail, laptop encryption, patch management, Security Events/Incidents Manager, WIPS, two-factor authentication, SSL VPN access and password manager. Combines efforts with Security Engineers to address production issues related to applications stated. Analyzes information, creating support tickets with vendors and communicating support responses with Engineers. Performs all other job related functions as assigned.
Within reasonable accommodation, ability to remain seated for long periods of time and monitor email ticket queues. Ability to work on an on-call basis to include rotations on weekends and evenings.
In order to be considered for this position, it is REQUIRED that you read and answer the following questions. Please provide your responses to these questions on a cover letter. 1. Does your work experience include working with Active Directories? 2. What IT security administration software programs/tools do you have experience using? 3. Are you able to work on an on-call basis to include working evenings and weekends as required? 4. What is your minimum salary requirement?