Guidehouse Mclean , VA 22107
Posted 4 weeks ago
Job Family:
IT Cyber Security
Travel Required:
Up to 10%
Clearance Required:
None
What You Will Do:
Our Security Incident Management Technical Sr. Analyst - Amazon Web Services (AWS) is a member of a service team with upwards of four (4) personnel within the Information Security Operations group that are focused on incident response, data spillage response, eDiscovery/legal retention, phishing/spam/malware response, and threat hunting. Effectively supports and executes multiple or more complex IT Security Incident Management projects that may span company-wide initiatives within scope, timeline, and budget. Applies technical knowledge to innovation and performance improvement while demonstrating critical thinking and sound logic when assessing problems and opportunities in generating solutions. Accountable for ensuring the day-to-day operations of Guidehouse Information Management security systems, maintaining, and protecting Guidehouse and Client data within AWS to the NIST SP 800-171, NIST SP 800-53, ISO 27001, ISO 20000, HIPAA, and HITRUST standards, supporting the Office of General Counsel (OGC) with e-Discovery or legal retention holds/investigations within AWS, and managing security events and incidents through proactive hunting and anomaly investigations within AWS. Reports directly to the Security Incident Management Manager.
Job Function:
Understands and supports the IT Security Incident Management initiatives that support overall IT Security Operations goals and objectives
Demonstrates effective written and verbal communication skills; delivered in a professional, respectful, and timely manner
Produces high quality work product leveraging existing templates, tools, and methodologies that align to applicable professional standards and best practices
Clearly and concisely conveys more complex messages to IT Security Incident Management team; effectively presenting facts and recommendations
Designs and configures monitoring and alerts using AWS Security Hub in accordance with Guidehouse Policies, Standards, and Procedures
Assists with the development of incident response strategies and efforts to address security incidents and breaches, minimizing impact on business operations
Assists in conducting risk assessments and security audits to identify vulnerabilities and recommending mitigations to enhance security posture
Proactively asks questions, validates what is heard, and shares relevant informed point of view in meetings and client discussions
Demonstrates the ability to sense and respond to verbal and non-verbal cues and adapt my messages and approach based on the audience
Demonstrates honest and professional behavior in all interactions
Identifies risk issues (e.g., technical, client service, engagement, team, internal and external) and escalate them to IT Security supervisors and senior leaders
Helps with issue resolution, risk mitigation and contingency planning in alignment with IT Security Incident Management leader guidance and IT Security risk mitigation plans
Uses critical thinking, analysis, expertise, and collaboration to develop technical solutions and solve problems
Thinks innovatively to proactively identify opportunities for system and process enhancements and make recommendations to IT Security Incident Management leadership
Works in unstructured or unclear circumstances
Mentors and/or trains IT Security Incident Management team and/or IT Security, working with supervisor/leaders to position them for success, serving as a resource to peers
Promotes the development of new technical knowledge and skills within IT Security Incident Management team
Conducts quality assurance reviews using established or establishing KPIs and self-audit work before showing work to more senior staff and/or clients, learning from mistakes
Takes ownership of my tasks and the tasks I delegate, resolving issues and escalating as appropriate
Presents themselves and the company in a manner that always promotes a positive lasting impression of high quality, promptness, and professional service
Draws from experience to propose solutions to meet needs, focusing the team accordingly
Builds a high level of trust with stakeholders by meeting and anticipating needs and expectations
Demonstrates an advanced understanding within AWS and ability to apply technical or specialized knowledge specific to role, industry, business line, and/or functional area within AWS
Stays current on AWS events, trends, and issues in the news relevant to IT Security
Ensures prescribed IT Security policies, procedures, and standards are followed while identifying opportunities for system and process enhancements
Communicates with parties within and outside of IT Security; May have responsibility for communicating with parties external to the organization (e.g., customers, vendors, etc.)
Works independently on mid to large or complex projects and assignments, with minimal guidance and to influence parties within and outside the job function at an operational level regarding policies, best practices, and procedures
Responsible for developing technical AWS solutions that may require collaboration with internal expertise and deep analysis of the technical system
Problems and issues faced are difficult and may require understanding of broader set of issues. Problems typically involve consideration of multiple issues, job areas or specialties; Problems are typically solved through drawing from prior AWS experience and analysis of issues.
Manages projects while delegating work to lower-level employees
Ability to participate in cross- department discussions to influence job area processes
Exhibits practical knowledge of project management
Advanced understanding and ability to apply standards, principles, theories, and technical concepts obtained through advanced education combined with experience
What You Will Need:
Bachelor's Degree, plus 4 years of experience OR 8 years of experience can be substitute for degree
Clearance: Ability to obtain a National Security Clearance or a U.S. Federal Government Public Trust
Must be able to adjust work schedule as member of Incident Management to cover 24-hour operations in the event of a security incident
Must be able to work East Coast US business hours
Experience working with Executive Leadership
Experience supporting Microsoft Windows 10 operating system
Working knowledge of NIST SP 800-171 and NIST SP 800-53
Working knowledge of the MITRE ATT&CK framework
Extensive experience with AWS environments, network security, and information security principles
Experience managing AWS security services such as Identity and Access Management (IAM), Amazon Cognito, and AWS Shield to safeguard against unauthorized access and threats
Extensive experience with AWS Security Hub
Experience with AWS Control Tower
Experience working with Security Operation Centers, physically or virtually
Experience with eDiscovery, litigation holds, and legal investigations support
E-discovery or digital forensics data processing experience with a strong understanding of the e-discovery lifecycle and related data processing standards and concepts, including: data processing, data deduplication, de-nisting, imaging, metadata extraction, load files, and data migration across e-discovery platforms
Strong understanding of relational databases
Advanced skills with Excel (vlookups, macros, etc.); Experience using formulas in Excel to manipulate data
Knowledge of various data storage methodologies, data collections, data processing and methods of electronic production
Significant experience conducting Incident Response and Security Investigations
Experience executing processes and procedures in compliance with required NIST and IT standards
Experience using a SIEM, such as Splunk or AWS Security Hub to do analysis of security anomalies and events to do Incident Response and proactive threat hunting
Experience creating writing queries with Search Processing Language (SPL) or Kusto Query Language (KQL)
Working knowledge of ZeroTrust environments, monitoring strategies, and best business practices of threat hunting within AWS
Experience working with endpoint detection and response with tools such as Defender, Symantec, or CrowdStrike
Experience with taking Threat Intelligence and actioning it
Ability to work on many concurrent, and changing priorities
Action-oriented and able to manage and meet aggressive timelines and deadlines.
Must have excellent organizational and time management skills
What Would Be Nice To Have:
Degree in computer-related OR cyber field OR Master's Degree
Shall possess one OR more of the following certifications OR equivalent:
AWS Certified Cloud Practitioner Foundational
AWS Certified Security Specialty
AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Professional
AWS Certified DevOps Engineer Professional
AWS SysOps Administrator Associate
AWS Certified Data Engineer
AWS Machine Learning Specialty
(ISC)2 Certified Information Security Professional (CISSP)
ISACA Certified Information Security Manager (CISM)
SANs GIAC certification (e.g., GPEN or GW APT)
Offensive-Security Certified Professional (OSCP)
EC-Council Certified Ethical Hacker (CEH)
ACEDS Certified E-Discovery Specialist (CEDS)
CompTIA Security+ (Plus)
Experience working with firewalls/web application firewalls, secure file transfer systems, implementing changes, and monitoring status
Experience with Data Forensics and Legal/Ethical issues regarding Data
Experience working with US Federal Law Enforcement and/or Intelligence Communities
Working knowledge of Active Directory, Exchange, SharePoint, and Teams
Powershell and Basic Scripting Experience
Demonstrated ability to learn and document new technologies/solutions
Experience with ServiceNow is a plus
Experience working in an ITIL environment
Experience with AWS e-Discovery or advanced e-Discovery
The annual salary range for this position is $86,500.00-$129,700.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.
What We Offer:
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Benefits include:
Medical, Rx, Dental & Vision Insurance
Personal and Family Sick Time & Company Paid Holidays
Position may be eligible for a discretionary variable incentive bonus
Parental Leave and Adoption Assistance
401(k) Retirement Plan
Basic Life & Supplemental Life
Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
Short-Term & Long-Term Disability
Student Loan PayDown
Tuition Reimbursement, Personal Development & Learning Opportunities
Skills Development & Certifications
Employee Referral Program
Corporate Sponsored Events & Community Outreach
Emergency Back-Up Childcare Program
Mobility Stipend
About Guidehouse
Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.
Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at RecruitingAccommodation@guidehouse.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.
Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.
Guidehouse