Security Risk Analyst II
AAA Cooper Transportation, founded in 1955, is an asset-based multi-regional trucking company providing less-than-truckload, truckload, dedicated contract carriage, brokerage and international services. With directly operated facilities in the Southeast, Southwest, Midwest and Puerto Rico and partner carriers with coverage into Canada, Mexico and across the globe, AAA Cooper Transportation can service nearly all transportation needs.
As a key member of the Information Assurance team, the Security Analyst is responsible for monitoring and detecting security incidents, conducting in-depth analyses, and implementing appropriate measures to mitigate potential risks (protect, detect, respond). The ideal candidate should possess strong technical acumen, a solid understanding of cybersecurity principles, and a proactive mindset to stay ahead of emerging threats to ensure integrity, confidentiality, and availability of corporate information systems and data.
Essential Duties and Responsibilities (Other duties may be assigned):
Security Monitoring - Monitor security alerts and events from various security tools, including SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Intrusion Prevention Systems), and other threat intelligence sources.
Incident Detection and Response - Investigate and analyze security incidents to determine the root cause, impact, and extent of intrusion. Coordinate with the Incident Response team to contain, mitigate, and remediate security incidents in a timely manner.
Security Tool Management - Assist in the implementation, configuration, and maintenance of security tools, ensuring their optimal performance in threat detection and prevention.
Vulnerability Assessment - Conduct regular vulnerability assessments and penetration tests on systems, applications, and network infrastructure to identify potential weaknesses and provide recommendations for improvement.
Threat Intelligence - Stay informed about the latest cybersecurity threats, vulnerabilities, and attack vectors through threat intelligence sources, industry reports, and information-sharing platforms.
Disaster Recovery and Business Continuity - Help design and manage the business continuity and disaster recovery plans for the enterprise.
Security Documentation - Maintain accurate and up-to-date records of security incidents, investigations, and actions taken, and prepare detailed incident reports for management and stakeholders.
Continuous Improvement - Participate in post-incident reviews and lessons learned sessions to identify areas for improvement and develop proactive measures to enhance overall cybersecurity posture.
To perform the job successfully, an individual should demonstrate the following competencies:
Business Acumen - Understands business implications of decisions; demonstrates knowledge of market and competition and how evolving cybersecurity risk can impact profitability and the industry in general.
Professional Development - Maintains up-to-date knowledge of available and emerging information systems and cybersecurity technologies through professional reading, attending industry conferences, and training.
Conflict Resolution - Encourages open communications; confronts difficult situations; maintains objectivity; keeps emotions under control; uses negotiation skills to resolve conflicts.
Good judgment and decision making.
Impact & Influence - Pursues and wins support for ideas; displays ability to influence key decision-makers; achieves win-win outcomes; uses influence appropriately to accomplish goals; collaborates with interdepartmental administrative staff to ensure information assurance responsibilities are fulfilled; considers divergent opinions.
Relationship Building - Builds rapport up, down and across the organization; establishes collaborative relationships to achieve objectives; seeks win-win solutions to conflict; develops network of professional contacts; displays empathy and tolerates diverse viewpoints.
Category: General Office Administration