Title: Security Analyst
Location: Portland, OR Area
Type : C ontract
At IGNW (formerly InfoGroup Northwest ), we use our deep technical insights, local market knowledge and rock-solid relationships and reputation to create exceptional business outcomes for people and companies every day. We are based in Portland, OR with global partnerships to deliver the industry's top technical solutions and talent to every one of our clients. Our clients, consultants, contractors, partners and employees choose IGNW because we tackle the tough problems, and we care deeply about people while we do it.
We are proud to foster a great team working environment, to offer highly competitive compensation and to offer full benefits packages including medical, F lexible Spending Accounts, dental and vision. If you would like to learn more, join our team, or explore how IGNW can benefit your business, please reach out today!
The Information Security Analyst will focus on protecting digital infrastructure and act as the primary Security Incident Responder should a security event or incident occur. The ideal candidate must be familiar with vulnerability management practices and procedures to help shape the tactical risk mitigation and response protocol for the Information Security Office.
The security analyst will perform the necessary operational analysis and security program tasks related to developing a comprehensive security controls mapping of enterprise network security architecture, cloud operations and implementation of a secure software development life cycle (SSDLC). The security analyst will also be familiar with forensics, network architecture, file systems, operating systems ( Wndows /Linux), disk file systems, and threat monitoring solutions, including firewalls and other solutions. The security architect will also be responsible for control compliance related to GDPR compliance and SOC2 certifications as well as general Information Security policy enforcement.
Lead design, development, and deployment of technical and application solutions to meet business requirements that are cost effective, sustainable and follow industry best practice. Deliver conceptual, logical, and physical solution specifications.
Translate business requirements using complex methods and models to determine appropriate system solutions.
Research, identify, test, certify, and select technology products required for solution delivery.
Establish and implement technology migration strategies for a specific application or architecture within the IT portfolio.
Enhance security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues;
Plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; design public key infrastructures (PKIs), including use of certification authorities (CAs), secure ciphers and digital signatures as well as hardware and software; adhering to current industry standards.
Implements security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing & publishing documentation and effective communication of specifications.
Verifies security systems by developing automation to implement test scripts.
Upgrades security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements and provide leadership in the threat and vulnerability assessment process.
Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations and disseminating that information to applicable Information Security team members.
Enhances department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
Ongoing improvement and communication related to the corporate security incident response plan and lead team through incidents and act as first responder. The first responder must be able to communicate while under pressure and be able to direct a team to resolve the incident
Develop Information Security Process and publish to applicable staff. Provide enforcement and training as needed. This will include partnering with software development architecture team to act as a threat modeling consultant.
Communicate with other members of the security team to keep InfoSec management, IT management and senior leadership apprised of the risks and threat landscape. Offer recommendations on the best course of action to stay in line with budgets and resources
Proactively engage across IT and the business to ensure an understanding of the importance of information security to protect data and technology assets
Lead, investigate, document, and partner to resolve security issues through individual and team contributionsQualifications:
Bachelors Degree in Information Security, Computer Science or equivalent; or 5 years comparable work/military experience
Security Certifications such as CISSP, CISM, CCNA-S, MCSE, GIAC (any related).
3-5 years of progressive information security experience
Advanced level experience with scripting automation using Python, Bash & PowerShell
Proven experience building security reference architecture for on premise, all-in cloud deployments, and hybrid scenarios
Implementation experience with enterprise security solutions such as Endpoint Protection (DLP/Whitelisting/HIPS), WAF, IPS, Anti-DDOS, and SIEM/FIM.
Strong knowledge of networking including large scale network segmentation and emerging technologies in the Software Defined Networking space
Knowledge of Identity and Access Management, Single-Sign On, MFA, WAF and PKI/Certificate Services.
Familiarity with compliance & security standards (NIST, ISO).
Demonstrated ability to think strategically about business, product, and technical challenges
Experience researching and evaluating available technologies and standards to meet requirements
Experience with working on global teams across time zones, cultures and languages.
Strong communications skills, both written and spoken.
Please note: Our clients may require that candidates pass a drug and/or background check.
To apply, please send your resume to:
Oregon's Top 100 Best Companies to Work For - 3 years running
IGNW has earned the Best of Staffing Award for providing remarkable service to hiring managers and job seekers. Check it out!
To view other IGNW opportunities please visit
Analysis, Analyst, Architecture, Bash, BIND, Business Requirements, CCNA, CISSP, Development, Hardware, HTML, HTTP, ISO, Linux, Management, MCSE, Modeling, Networking, Networks, PowerShell, Project, Protocol, Python, Research, Routers, Scripts, Security