Security Analyst

Security AnalystSecurity AnalystFull TimeRemoteTeam 1,001-5,000Since 1979H1B SponsorCompany Site LinkedIn

Location

District of Columbia + 1 more

Posted

129 days ago

Salary

$110K - $160K / year

Bachelor Degree4 yrs expExperience acceptedEnglishCloudFirewalls

Job Description

• supporting the monitoring and management of the Firm’s security infrastructure, including email security, firewall infrastructure, vulnerability detection and remediation, monitoring, log collection/correlation, and intrusion detection/prevention. • Monitor and respond to security events including potential policy violations, malicious activity and insider threats. • Analyze and escalate incidents appropriately, ensuring timely resolution and documentation. • Maintain and improve detection systems, including IDS, firewalls, endpoint protection, and phishing detection. • Conduct comprehensive vulnerability scanning, detection, and remediation across the firm’s infrastructure, ensuring effective management and resolution of vulnerabilities. • Ensure adherence to regulatory frameworks (NIST, HIPAA, FISMA, etc.) and internal policies. • Support and manage client audit requests, produce evidence, and respond to audit requirements. • Track and periodically validate application and data authorizations. • Develop and maintain technical and non-technical metrics to substantiate the firm’s information security program. • Use statistical methods and tools to model normal and abnormal system behavior. • Suggest improvements to detection criteria and security controls. • Participate in projects to implement, upgrade, or modify security systems and processes, completing special projects and other duties as assigned by the Information Security Manager.

Job Requirements

Bachelor’s degree in information technology, computer science or related field
A combination of equivalent work experience and training/education can be substituted in lieu of a degree.
at least one of the following certifications: Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), a SANS certification (GSEC, GCIH, GCWN, etc), a Cloud Security Alliance certification (CCSK, CCSP), or other similar certification.
4 years of progressive experience in security operations, audit, security management or insider threat detection
Demonstrated experience with monitoring and configuring SIEM platforms, EDR and Antivirus, IPS/IDS, and other security tools.
Demonstrated familiarity with NIST, HIPAA, FISMA, and other regulations and frameworks.
Demonstrated ability to take security framework compliance requirements and translate them into technical compliance settings and configurations.
Demonstrated familiarity with vulnerability scanning technologies including treating false positives, tracking results, and troubleshooting systems.
Understanding of administration of Windows-based operating systems and networks.
Understanding of Identity and Access Management technologies, especially in Software as a Service (SaaS) and cloud environments.
Demonstrated ability to work effectively in a team environment and manage multiple projects and shifting priorities.