Vacancy expired!
- Security Analyst/Engineer is a hands-on role that will collaborate with technology and business personnel in various security capabilities.
- This is a high visible and cross functional role as it relates to the increasing organization security posture and reducing risk.
- The candidate should have advanced, in-depth knowledge of the vulnerability management lifecycle, Incident mgmt., information security governance and risk, working experience using various security tools, and strong background in security architecture.
- This position is responsible for a broad range of tasks, including the day-to-day security tactical support utilizing information various security tools.
- This position will require working experience on regulatory compliance drivers such as TAC202 TCF framework and NIST.
- In-depth knowledge of operating systems and security applications, as well as a working knowledge of communication protocols, is required.
- Configure and maintain security Cisco security tools.
- Working experience on MS Azure and MS365
- Provide direction and support for a program, system, or enclaves information assurance program
- Provide security guidance and support to system developers, administrators, and owners.
- Provide guidance, support, and architecture review for directed changes related to security
- Perform threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities.
- Working experience on various security tools to locate and repair security problems, exploits, incidents, or failures.
- Strong working experience in helping build our security incident management program and network security.
- Develop and maintain documentation for security systems and procedures.
- Respond to and, where appropriate, resolve or escalate reported security incidents.
- Investigate and resolve security violations by providing postmortem analysis to illuminate the issues and possible solutions.
- Monitor internal control systems to ensure that appropriate information access levels and security clearances are maintained.
- Participate in infrastructure projects to develop, and plan system security technologies in support of key information systems.
- May be required to assist in the management of firewalls and intrusion detection systems.
- Implement or coordinate remediation required by audits, and document exceptions as necessary.
- Perform system and application vulnerability testing.
- Participate in enterprise testing and assessment activities
- Research threats and vulnerabilities and, where appropriate, act to mitigate threats and remediate vulnerabilities.
- Review, assess, and mitigate penetration tests and vulnerability assessments on information systems and infrastructure.
- Recommend, schedule and/or apply fixes, security patches and any other measures required in the event of a security breach.
- Working knowledge of compliance standards such as TCF Framework, NIST, and FedRAMP
- 5 or more years of experience in information security.
- Minimum of five years of IT security experience.
- Possess one of the following Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or equivalent.
- Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management.
- Strong working experience in OS/365, Cisco Security Suite, and working knowledge network security is preferred.
- Strong working knowledge of IT service management ITIL related services Change management, Configuration management, Asset management, Incident management, Problem management, etc.
- Experience with NESSUS in a complex network environment
- Strong analytical and problem-solving skills to enable effective security incident and problem resolution.
- Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously.
- Ability to work well under minimal supervision with team-oriented interpersonal skills, is a must.
- Strong written and verbal communication skills.
- Ability to effectively lead and influence others without direct managerial authority within an inclusive work environment, using collaboration, coordination, and self-motivation
Vacancy expired!