We are currently seeking an IT Security Analyst to join our Information Technology team in Jacksonville, Florida.
RS&H has spent the past several years developing and improving its information security program through the implementation of the latest technologies, services, controls, policies and procedures with a focus on system protections. The next phase of this journey is to develop and improve our detection and response capabilities. Building on our prevention successes, we are expanding our capabilities to include monitoring and detecting threats to both on-premise and cloud systems.
This individual will focus on daily threat intelligence and alerts generated by our Managed Detection and Response (MDR) service provider, EDR technology, Office 365 security features, web-based security, email security and other security devices for threat detection and hunting. The position requires a solid understanding of cyber security tools, techniques and procedures, and an acute ability to develop informed and threat-driven analysis of security events that affect RS&H and its interests. In general, this work will focus on monitoring security events and producing a more complete understanding of our threats.
Other activities may include researching new threats and cyber-related topics; performing discovery, detection and disruption activities; and developing reports on cyber-related information for management. All these efforts will feed ongoing analysis done by management of the global threat landscape.
Duties and Responsibilities:
Operate and maintain on-premise and/or cloud-based security solutions.
Review and analyze incoming alerts and cyber threat information for relevance to RS&H's security posture based on established business and intelligence requirements.
Collaborate with IT and business stakeholders to understand and mitigate the security threats to RS&H.
Gather, contextualize, and convert alerts into security tasks that can be easily acted upon by appropriate staff within RS&H.
Develop and maintain appropriate documentation of security analysis and incident response functions.
Use established workflows to process threat information (i.e., identify, highlight, document, and mitigate information security issues and risks).
Develop and maintain behavioral- and signature-based threat-driven use-cases.
Deliver results that are consistent, well documented, and within given time frames.
Identify opportunities for and drive improvements of internal processes, procedures, and workflows.
Perform, on both a regular and ad-hoc basis, accurate information security reporting primarily from existing features of the current security tools.
Adhere to RS&H policies and procedures and drive compliance within the team.
Take ownership for personal career development while seeking opportunities to develop oneself and improve performance contribution.
Associate's degree in an IT-related discipline.
5+ years of experience in a related field.
Experience with Cisco security solutions, including CES, Umbrella, AnyConnect VPN and AMP. Cisco ASA and FTD firewall experience is a plus.
Preferred certifications (e.g., GCDA, GCFA, CSA+, GMON, and CEH).
Demonstrated problem solving and analytical skills, and willingness to learn new technologies and development methodologies.
Specific experience with SIEM/SIEM-like technologies. Rapid7 InsightIDR experience is a plus.
Experience in evaluating, assessing, and contextualizing device and network vulnerabilities.
Experience with the security features of the Office 365 environment (e.g., RMS).
Experience with basic data and network analysis tools (e.g., Wireshark).
Experience with NIST SP 800-171 or 800-53 controls is a plus.
PowerShell scripting experience.
Strong verbal and written communication skills and experience explaining technical concepts to business teams.
If this sounds like the role for you and you're ready to join an amazing team, please apply.
Our Information Technology team engages with leaders and associates across the firm to advance technology solutions and achieve business objectives. We apply our expertise to promote and support design, project management, and business solutions; build and operate our on-premises and cloud infrastructures; measure and limit our cyber risk; and respond to the technology needs of our associates.
RS&H provides fully integrated architecture, engineering, and consulting services to help clients realize their most complex facility and infrastructure projects for land, air, and space. We are committed to bringing extraordinary solutions to our clients through the promise of imagination, ingenuity, and innovation. With a tradition of excellence that began in 1941, we are consistently ranked among the nation's top 100 design firms. We attribute our success to an unwavering commitment to our core values of integrity, quality service, business success and valuing associates.
An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
Please view Equal Employment Opportunity Posters provided by OFCCP here.