Duties And Responsibilities
- Conduct real-time and historical analysis of network traffic and system/application logs, correlating them to improve security posture.
- Analyze, triage, remediate, escalate, and report on client security events, including investigating anomalous network activity and responding to cyber incidents within the network environment.
- Respond to and remediate network security alerts across multiple platforms.
- Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
- Write comprehensive reports including assessment-based findings, outcomes, and proposals for further system security enhancement.
- Continuously monitor security tool data and network traffic for the security alerts they generate. Develop, execute, and track the performance of security measures that protect information and network infrastructure.
- Coordinate incident response activities, gather evidence, conduct forensic analysis on incidents, evaluate security controls, and make recommendations.
- Investigate, document, and report on information security issues and emerging trends.
- Conduct threat and vulnerability tests (Nessus and AWS Inspector) and own the remediation process for findings.
- Manage the Data Loss Prevention (DLP) Program, coordinate the remediation efforts, generate reports, and provide metrics on the effectiveness of the DLP program.
- Assist in the management of firewalls, intrusion detection systems, VPCs, WAF, gateways, switches, and routers, which includes researching, designing, formulating, and documenting firewall rules.
- Continuously tune security tools to minimize false positives and maximize detection and prevention effectiveness.
- Analyze malware and attacker tactics to improve network detection capabilities.
- Categorize incidents and assign severity consistent with organizational criteria.
- Other duties as assigned
Qualifications
- A bachelor's degree in information technology systems, computer science, or a related field and experience in information technology systems or a related area
- At least 3 years of information security experience
- 2 years of AWS and O365 security experience; AWS certification is a plus
- CompTIA Security+ certification
- Experience using Nessus, AWS Inspector, Kibana, Kali
- Hands-on experience with security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
- Experience in system administration of Windows
- Knowledge of TCP/IP protocols, network analysis, and network/security applications
- Familiarity with web-related technologies (Web applications, Web Services, Service Oriented Architectures) and network/web-related protocols
- Ability to multi-task, prioritize, and manage time effectively
- Strong attention to detail; excellent customer service skills
- Solution orientation to problem resolution and process improvement
Working conditions
This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets, and fax machines.
Physical Requirements
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk and hear. The employee frequently is required to stand; walk; use hands to finger, handle or feel; and reach with hands and arms and requires the ability to occasionally lift office products and supplies up to 20 pounds.
- Must be available on an on-call basis 24 hours per day, 7 days per week
- Must be willing to carry a cell phone