Summary/Objective: Our Client is seeking an Information Security Analyst to provide information security direction, configuration, and operational support for an expanding Information Security and Compliance team. This will include the configuration and operation support of key security tools, as well as broader interactions with enterprise personnel to help mitigate security risks and advise the organization on security best practices.
Essential Information Security Experience:
Sound comprehension of Information Security practices, concepts, and theories for traditional Information Technology (IT) assets.
Strong experience with IT security domains, configurations, and best practices, primarily the following areas:
Endpoint protection – malware prevention/detection, whitelisting and blacklisting, and SIEM integration. Sample vendors include Carbon Black, CrowdStrike, Cylance, or SentinelOne.
Network security controls – firewalls, network IPS/IDS, web proxies, SD-WAN, and network segmentation. Sample vendors include Cisco Firepower/AMP, Darktrace, Palo Alto, Netskope, or Zscaler.
Strong experience with log aggregation platforms, SIEM technologies (Sample vendors: Exabeam, LogRhythm Cloud, Rapid7 InsightIDR, Splunk), and maximizing a hybrid SOC configuration/Managed SOC Service.
Experience with DLP technologies and configurations. Sample vendors and technologies include Digital Guardian, Forcepoint, and/or Microsoft Information Protection/DLP.
Experience with cloud protection/CASB technologies. Sample vendors include Forcepoint BitGlass, Palo Alto, Netskope, Zscaler.
Experience with vulnerability management vendors, vulnerability reports, driving patching activities and risk treatments. Sample vendors include Tanium, Tenable, and/or Rapid7 InsightVM.
Experience with secure network communications practices and protocols for hybrid data center deployments.
Experience with industry security frameworks including NIST, ISO, COBIT, and the CIS Top 20 controls.
Familiarity with leading ERP packages and software, including SAP, PeopleSoft, Oracle, etc., preferred.
Familiarity with IT security domains, configurations, and best practices for the following technologies preferred:
Privileged access management – user and service account management, privileged account vaulting and monitoring. Sample vendors include BeyondTrust, CyberArk, Microsoft, and/or Thycotic.
Identity access management/SSO – access provisioning, permissions, access certifications and integration experience. Sample vendors include Microsoft, Okta, Ping, and/or SailPoint.
Experience defending against and/or mitigating system vulnerabilities related to network infrastructure devices and boundary defense through network and endpoint solution configuration.
Strong understanding in O365 and Azure/Microsoft-based technologies to help manage data and asset risk.
Able to use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
Flexibility in addressing various security problems across a dispersed set of assets.
Strong problem solving, analytical, communication and interpersonal skills.
Qualifications - Internal
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Required Education and Experience:
Degree must be in Computer Science, Management/Computer Information Systems, or a related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Mathematics, Computer Forensics, Cyber Security, Information Technology, Information Assurance, and Information Security).
Minimum of 5 years as a security analyst in a private or public organization.
Experience with troubleshooting complex security configurations, issues, and problems.
CISSP and/or CISM certification is preferred.
Required Skills and Abilities:
Experience with traditional IT and security systems and platforms.
Strong technology aptitude.
Excellent communication, multi-tasking, and time management skills.
Working knowledge of Microsoft Office Suites (Word, Excel, PowerPoint, etc.).
Strong oral and written communication skills.
Collaborative team player with strong written and in-person communication skills.
Bonus Skills and Abilities:
Ability to write scripts in at least one language (Python or PowerShell preferably).
Experience with Operational Technology (OT) Security.