Our client is looking for a talented security professional to join a high-performing team responsible for governing, managing and delivering cybersecurity defenses. As a Senior Security Analyst, this position will provide the individual an opportunity to help shape the direction of our company’s cyber security programs by providing thought leadership, professional support and valued contributions to a range of activities.
This role within the threat management team will provide operational support for security defenses, including the technologies deployed for network security monitoring, and network security engineering. This position plays a critical role in helping shape cloud and perimeter security architectures and identifying, protecting, detecting and responding to potential security incidents.
This position is responsible for assisting and enabling the transition of network security monitoring technologies to the cloud while also supporting preventative security technologies, detecting and responding to possible incidents, assessing potential risks, and helping to mitigate emerging threats. Specifically, this role is part of a team that is responsible for:
- Providing network security and cloud engineering, design and build supporting enterprise level initiatives.
- Participating and potentially leading projects that evaluate new and emerging technologies and/or services; this includes performing industry research to determine available products / services, conducting proof-of-concept evaluations, and making recommendations to management on security investments.
- Employing the security technologies to continuously monitor the company’s assets, conduct technical analysis of network traffic to identify anomalies and then taking action to respond to potential vulnerabilities and threats. This work includes reviewing automated alerts, correlating information from various sources, triage and applying preventative controls to mitigate risks.
- Interacting and partnering with the Security Operations Center (SOC) team members on incident response activities.
- Taking an active role in supporting broader Security Incident Response protocols, including partnering with other technology areas to respond and recover in a coordinated and timely manner. As such, this role requires 24x7 on-call rotational coverage for response to potential security incidents.
- Reviewing security intelligence information and researching emerging threats in order to proactively identify and prevent potential threats.
Candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and competencies necessary to be highly effective in the role. These skills and competencies include:
- College degree in Computer Science, Information Security, Engineering, related field or equivalent experience.
- 3+ years of work experience in Information Security, and 7+ years in similarly technical roles, such as those working with networking and/or scripting technologies.
- Experience designing and supporting network security technologies in a hybrid cloud environment is preferred.
- Strong network security engineering and design experience.
- Knowledge of computer network defense and other network security concepts.
- A broad and diverse security skill-set with advanced understanding of modern network security technologies (e.g. Firewalls, Security Information Event Management, Intrusion Prevention, Intrusion Detection, DDoS protections, etc.).
- Practical experience and strong knowledge of operating systems (Linux, Windows, MacOS), network communication protocols, firewalls, web application firewalls, packet analysis, log analysis, endpoint security technologies and scripting skills.
- Demonstrated experience in effectively partnering across organizational teams, working collaboratively with professionals that support end-user services, network technologies, cloud computing, infrastructure, and applications.
- An ability to identify and assesses the severity and potential impact of threats and communicate assessment findings in a way that consistently drives objective, fact-based decisions.
- Strong decision-making capabilities with a proven ability to weigh relative business impacts against the importance of security measures.
- Experience with risk management practices and audit controls.
- A willingness to continuously learn and develop skills commensurate to this role and other potential growth opportunities within and across the organization.
- Industry recognized certifications, such as Certified Information Systems Security Professional (CISSP), ISC 2 , GIAC, ISACA certifications are preferred.