Security Analyst With Risk/Vulnerability Assessment

Innosoul Columbia , SC 29201

Posted 4 days ago

Request ID: BL-9017-1

Security Analyst with risk/vulnerability assessment, intrusion detection, firewall, Nessus, Forescout, data classification/management tools, incident management and POAM experience

Location: Columbia SC
Duration: 12 Months Hrs/Wk: 37.50

DAILY DUTIES / RESPONSIBILITIES:
1. CONFIGURE, OPTIMIZE, AND MAINTAIN CURRENT SECURITY TOOLS TO INCLUDE NETWORK AND SERVER MONITORS AS WELL AS VULNERABILITY SCANNERS AND INTRUSION DETECTION.
2. REVIEW FIREWALL REPORTS AND CREATE REPORTS OF ATTACK METHODS AND THEIR RISK TO THE AGENCY.
3. REWORK OUR VULNERABILITY SCANNING TOOLS TO BETTER ALLOW US TO IDENTIFY RISK.
4. RESEARCH CURRENT SECURITY INITIATIVES AND MAKE RECOMMENDATIONS TO MANAGEMENT

Required Skills (rank in order of Importance):
• Nessus vulnerability scanner
• Configuration and maintenance
• Forescout automation
• Assistance with windows updates and patches as required
• Vulnerability analysis and remediation methods
• Data classification and management tools
• Incident handling experience
• Security policy and procedures

PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
POAM EXPERIENCE
SECURITY PROCEDURE DOCUMENTATION

REQUIRED EDUCATION:
PREFER BACHELOR’S DEGREE IN INFORMATION TECHNOLOGY RELATED DISCIPLINE WITH 3 YEARS OF EXPERIENCE OR MINIMUM 5 YEARS RELATED EXPERIENCE.

REQUIRED CERTIFICATIONS:
NOT REQUIRED BUT SECURITY CERTIFICATIONS WILL BE FACTORED IN THE SELECTION PROCESS

• Experience
• IT Administration Patch Management Yes 1
• Miscellaneous Configuration management Yes 1
• Network Security information security principles and practices Yes 1 Advanced Currently Using 4 – 6 Years
• Network Security risk/vulnerability assessments Yes 3 Intermediate Currently Using 4 – 6 Years
• Network Security Tenable Security Center Administration Yes 1 Advanced Currently Using 4 – 6 Years
• Networking & Directories INCIDENT MANAGEMENT Yes 2 Advanced Currently Using 4 – 6 Years
• Specialties Experience in developing and maintaining documentation for policies, procedures, and best practices Yes 4 Intermediate Currently Using 4 – 6 Years
• Specialties Experience with security and data classification related to CDC, HIPAA, and CJIS Yes 2 Advanced Currently Using 4 – 6 Years
• Specialties Vulnerability Scanning Yes 1

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
IT Security Analyst III

Misolutions Consulting

Posted 4 days ago

VIEW JOBS 12/1/2019 9:04:03 PM 2020-02-29T21:04 <p>The Tier 3 Managed SOC Analysts primary function is to provide managed security operations center (SOC) analysis associated with customer monitoring activities through the processing and management of incident and request tickets, as they are assigned. Deeper dives into threat hunting are also in scope. The responsibilities include receiving and managing escalations from Tier 1 or 2 Analysts, customers, and other internal groups, as well as managing the full incident handling lifecycle with customers. The Tier 3 Analyst is expected to contribute to internal documentation and adherence to SLA targets and requirements. The role includes forensic log root cause analysis, and interfacing with clients and associates as needed to resolve complex cases. Tier 3 Analysts are expected to participate in, and contribute to planning and implementation of strategic and operational projects in efforts to achieve overall MSS goals. Tier 3 analysts are expected to be able to troubleshoot complex problems with little oversight, take ownership and work independently as needed to resolve customer issues.<br />  </p> <p><strong>Duties and Responsibilities:</strong></p> <ul> <li>Maintain Industry Training - This involves keeping up-to-date on security technologies, threats, and risk mitigation techniques</li> <li>Maintain Knowledge of Current Threats - Keep up-to-date on current threats by regularly reading industry-related articles</li> <li>Case Management - ensuring the case management process is handled efficiently in a timely manner by all SOC personnel.</li> <li>SOC Activity Log -creating, reviewing, and maintaining entries , working with other analysts Report Creation - creating temporary or permanent reports for customers, as requested. </li> <li>Customer Meetings - attending and/or leading customer meetings as part of incident response and incident handling</li> <li>Training and Mentoring SOC personnel - Security Analysts are responsible for training new SOC employees; also responsible for training and mentoring existing SOC personnel on new technologies implemented by CenturyLink; also responsible for retraining SOC personnel, if necessary</li> <li>Tuning - regularly performing tuning and filtering SIEM alerts and monitoring components to ensure only relevant security data is gathered</li> <li>System Maintenance - assisting SOC Engineers with maintenance on security devices, as needed</li> <li>Projects - May lead moderately complex security projects as assigned</li> </ul> <p><strong>Shift Responsibilities:</strong></p> <ul> <li>The Security Analyst is responsible for the following shift duties:</li> <li>Daily Traffic Review - replaying traffic from previous shifts and reviewing customer reports to ensure potential security incidents were not missed by a Level 1 Analyst.</li> <li>Report Run Verification - ensure customer reports run as scheduled</li> <li>Improve their knowledge of the customer environment, intrusion detection, methodologies, and intrusion detection services with the support of on-going training from the analysts and self-study</li> <li>Review SOC Activity log, cases and other monitoring tools for complete understanding of previous shift activities and incidents</li> <li>Handle Tier 2 event incident response, case management, and customer notification</li> <li>Ensure security devices contain up-to-date signatures libraries</li> <li>Assist with engineering tasks as necessary</li> <li>Train SOC Level 1 Analysts on new attack signatures and attack methodologies</li> <li>Providing process and operational improvement suggestions</li> <li>Review and update documentation (such as SOPs and TTPs)</li> <li>Complete vendor training as requested by Management</li> <li>Subscribe to and review security mailing lists such as ISC SANS (isc.sans.edu)</li> <li>View the Internet Storm Center on a daily basis for up-to-date news on recent Internet activity of note (http://isc.incidents.org)</li> <li>Daily Case Management - the Security Analyst will review open cases and provide follow up that may be required</li> </ul> <p><strong>Qualifications:</strong></p> <ul> <li>U.S. Based</li> <li>5+ years of Information Security experience</li> <li>5+ years Firewall management and rules analysis</li> <li>2-4 years of systems analysis</li> <li>Working knowledge of Linux and syslog from CLI</li> <li>Proven ability and past experience performing moderately complex security analysis for information technology is required</li> <li>Excellent writing and communications skills</li> <li>Familiarization with a variety of information and network security monitoring tools (ArcSight SIEM, QRadar SIEM, Splunk, Arbor DDoS Mitigation, Cisco IDS/IPS, Netcool, and Imperva WAF, among others)</li> <li>Ability to work in a dynamic team-centered environment</li> </ul> <p><strong>Education Preferred:</strong></p> <ul> <li>Bachelors Degree in Computer Information Systems or related field</li> </ul> <p><strong>Industry Certifications:</strong></p> <ul> <li>Tier 3 Analysts should possess the background and experience necessary to obtain Industry or SOC specific certifications as instructed by management. Possible applicable certifications include, but are not limited to: <ul> <li>Certified Information Systems Security Professional (CISSP)</li> <li>Information Systems Security Engineering Professional (CISSP-ISSEP)</li> <li>Systems Security Certified Practitioner (SSCP)</li> <li>CompTIA Security+</li> <li>Certified Ethical Hacker (CEH)</li> <li>Certified Security Analyst (ECSA)</li> <li>Certified Incident Handler (ECIH)</li> <li>CompTIA Cybersecurity Analyst (CSA+)</li> <li>Information Technology Infrastructure Library (ITIL)</li> <li>Cisco CCNA</li> <li>Cisco CCNP + Security</li> <li>GSEC</li> <li>GCIH</li> <li>GCIA</li> <li>MCSE</li> <li>Linux+</li> </ul> </li> </ul> <p><strong>Work Experience:</strong></p> <ul> <li>2-3 years of Managed Security Service Provider Tier-1/2 Analyst/Operator Experience (Preferred)</li> <li>3-4 years of SOC or NOSC analyst experience</li> <li>Threat Intelligence or Forensic background is a plus</li> </ul> Misolutions Consulting Columbia SC

Security Analyst With Risk/Vulnerability Assessment

Innosoul