D.A. Davidson Companies is an independent, employee\-owned company with a rich history spanning more than 80 years. We are dedicated to conducting our business in accordance with the highest standards of integrity and ethics, and delivering outstanding service to our clients and each other. We support a friendly, open and supportive culture, and encourage candid communication and productive engagement that make our companies and each of us better. Just as we work to improve our clients’ financial well\-being, we also work to strengthen local communities—and giving back is one of our core values. You can learn more about our company culture and impact in our latest annual report.
Summary/Function:
The Cyber Security Analyst is responsible for assisting with the day\-to\-day operations in securing the Firm’s technology assets. The Cyber Security Analyst is responsible for providing technical expertise in several areas including network, system, and application security. The Cyber Security Analyst works closely with various IT teams to ensure systems and networks are designed, developed, deployed, and managed with an emphasis on strong, effective security and risk management controls. The Cyber Security Analyst triages security alerts with the goal of suggesting detection improvements and mitigating security threats.
Ability to think critically and solve problems with limited support from management
A two\-year college degree or equivalent industry training, certification, and/or experience
Two or more of the following certifications or proven expertise in these areas: Security\+, Network\+, CCNA, CySA\+, CEH, etc.
Two or more of the following certifications or proven expertise in these areas: MS\-900 : Microsoft 365 Fundamentals, SC\-900: Microsoft Security Fundamentals, CSC\-200: Microsoft Security Operations Analyst, SC\-300: Microsoft Identity and Access Administrator, SC\-401: Information Security Administrator, Microsoft Certified: Identity and Access Administrator Associate etc preferred
Good knowledge of Agile frameworks preferred
Good knowledge of the Software Development Lifecycle (SDLC) preferred
Working knowledge of multiple programming languages including, but not limited to: XML, HTML, CSS, SQL, JavaScript, and Bootstrap preferred
Experience creating and consuming web\-based services preferred
Experience with Static and Dynamic Application Security Testing preferred
Experience with enterprise\-class technologies including firewalls, VPNs, desktop and server operating systems, SIEM, WAF, DLP, EDR, web gateways, and physical security
Strong ability to communicate concepts and initiatives effectively through phone, email, instant messaging, and video conferencing platforms with all levels of the Firm
Prior experience performing security reviews and risk assessments
Experience working and collaborating effectively with business management, technical subject matter experts, and internal/external partners in finding solutions
Experience with the monitoring and evaluation of technology processes and controls including design and operating effectiveness, testing and reporting on results, and recommendations
Experience with creating and maintaining high quality documentation related to IT processes including flow charts and data flow diagrams
Strong project management and organizational skills with demonstrated ability to complete assignments timely and effectively.
Proficiency in scripting languages including Powershell and Python preferred
Familiarity with MITRE ATT\&CK
Prior experience working within a financial service organization preferred
Individual must be able to perform with minimal supervision of routine duties; demonstrate ability to solve problems and deal with a variety of variables and situations where only limited standardization may exist; interpret instructions furnished in written, oral, diagram, or schedule formats; and be able to handle multiple tasks simultaneously
The qualifications and demands described in this job description are representative of those most appropriate for successful performance of the essential functions of this job. Upon request, reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.
Duties:
Monitor and respond to security inquiries, requests, and incidents as part of our security operations center (SOC) to support the business through sound and timely cybersecurity response
Review and maintain department standards, procedures, and guidelines
Troubleshoot security tools and answer general inquiries regarding information security practices and secure access
Follow established processes to ensure compliance with policies. Report all suspicious activity or non\-compliance to management
Assess new and existing technologies to determine potential value and risk to the enterprise and ensure risk beyond defined thresholds is appropriately treated
Perform and support forensic/e\-discovery investigations as directed by management.
Identify improvement opportunities and provide recommendations to further mature existing IT processes and controls to align with best practices including use of automation and optimization
Assist in continual design, implementation, and operationalization of security operations lifecycle to continually mature the security of our business environment and SIEM reporting.
Prepare ongoing reports with specified metrics/ key performance indicators related to the security operations lifecycle
Recommend and assist in the remediation of security controls and enhancements to reduce risk throughout the enterprise
Participate in other special projects or strategic initiatives at the direction of management
This description indicates the kinds of tasks and level of work difficulty required for this position. It is not intended as a complete list of specific duties and responsibilities. Nor is it intended to limit or modify the right of any supervisor to assign other duties not mentioned.
What we offer:
Competitive salary plus excellent benefits and perks including, but not limited to:
Medical, Dental and Vision
Company 401(k)and ESOP contribution
Generous sick, vacation, and maternity/parental leave
Paid holidays
Professional Development Opportunities
Tuition Reimbursement ($15,000 lifetime cap)
Charitable gift\-matching program
Davidson Day of Giving – Our tradition of positively impacting communities in which we live and work.
The potential base pay hiring range for this role is $28\.00 to $32\.00 per hour. The compensation offered will be determined on a case\-by\-case basis considering a variety of factors including, but not limited to, the skills, relevant work experience, and geographic location of each specific candidate. This role is eligible to participate in applicable D.A. Davidson variable compensation programs.
At D.A. Davidson, we are committed to fostering a diverse environment that supports the development and inclusivity of all employees.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Please answer all questions carefully: incomplete or inaccurate answers may impact your potential employment. By clicking Submit Application, you declare that all statements in this application are truthful to the best of your knowledge. California applicants please see D.A. Davidson's California Resident Privacy Policy.