Security Analyst

Project Description:

The individual in this position will:

• The Computer Security Incident Response Team (CSIRT) supports the client in minimizing the loss of information and the disruption of services caused by Security Incidents.
• CSIRT assist leadership in determining if a Security Incident has occurred and initiates preliminary legal processes to ensure client fulfills obligations relating to the protection of information.

We are seeking to hire a CSIRT Lead who will report into the Deputy Chief Information Security Officer. At a high level your responsibilities will include:

• Leading efforts to maintain the central point of contact for the reporting and sharing of information involving computer Security Incidents.
• Leading efforts to minimize negative impacts and disruptions resulting from Security Incidents.
• Leading efforts to identify, collect, and preserve necessary data and evidence relating to Security Incidents.
• Leading efforts to provide findings, root causes, lessons learned and recommended actions to prevent future Security Incidents.

What we are seeking from you:

• Strong understanding of security technologies, including but not limited to: firewall, IDS, policy management, security processes, logging/monitoring, antivirus, vulnerability assessment, patch management, and incident response.
• Solid understanding of common and emerging attack vectors.
• Strong understanding of TCP/IP network and information systems ports, protocols, and services.
• Experience in automating repeatable tasks by leveraging common scripting languages (PowerShell, Python, bash, etc.).
• Bachelor's degree in Computer Information Science, Information Technology, Information Systems Security, or related field, or equivalent experience.
• Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), GIAC Security Essentials (GSEC), or other information security certifications. A federally recognized information security certification must be obtained within six months of hire.
• Proven ability to work with diverse audiences and translate technical information into non-technical information.
• Ability to resolve issues in a variety of complex situations which require complex judgments and solutions based on sophisticated analytical thought.
• Demonstrated ability to work independently, as part of a team of peers, and also to support and contribute to a multidiscipline team environment.
• Demonstrated ability to solve complex problems, convey both oral and written instruction, and handle multiple task interruptions.
• Ability to research and recommend solutions to enhance incident response and digital forensics capabilities.