IT Security Analyst - Technical

Overview

The IT Security Analyst is responsible for supporting and analyzing the Company’s IT security and compliance documentation, process, procedures, and audits. The IT Security Analyst will participate in conducting overall security assessments through vulnerability testing and risk analysis. In addition, the role will act as a liaison between the business and IT ensuring all security processes and procedures are being followed in the organization while working with IT leadership to identify new and current software solutions and controls are in place to secure both online and on-premises infrastructures.

The essential functions in this job description are not all-inclusive of this position’s duties and responsibilities. Reliable and dependable attendance is required.

• Assess, gather, and present data for the internal audit process for user rights access management for access to all required systems.
• Support annual PCI audit process and documentation delivery to ensure business is compliant to PCI standards.
• Understand security related patching process, log & event correlation, and related reporting tools.
• Coordinate annual penetration and weekly vulnerability scanning with 3rd party partner.
• Understand and complete monthly application security scanning/external websites.
• Assist in reviewing annual policies, procedures, and control processes to ensure proper execution. This may include creating procedural documentation and runbooks to support compliance and audit efforts.
• Assist in planning and performing walk-throughs as determined by internal and external auditors.
• Analyze IT requirements and provide objective advice on the use of IT security requirements.
• Work with IT Leaderships and Training to create and update security training programs to train employees on security awareness.
• Provide insights on the efficacy of the current security policies, incident responses, disaster recovery plans, and other security-related information.

• Bachelor’s degree or equivalent experience required
• Minimum of two years’ IT/cyber security experience is required
• Strong understanding of MS AD and, Intune Azure AD
• Experienced in operating and reporting with the following platforms: SIEM, EDR/XDR/MDR, & Vulnerability/Penetration testing systems
• Halo experience is preferred
• N-Able RMM tool experience is helpful
• Experience with SaaS, EASM, FIM, CSPM, CSAM
• Experience with phishing and email filtering tools
• Qualys and Crowd Strike experience is helpful
• Restaurant IT support experience is preferred

First Watch is an equal opportunity employer. In compliance with the Americans with Disabilities Act, First Watch will provide reasonable accommodations to qualified individuals with disabilities and encourages both prospective and current employees to discuss potential accommodations with the employer.