Senior Information Security Analyst

ITS Technologies has an opening for a senior-level position within the Information Security team. Responsibilities include monitoring and investigation of alerts, administration of software used by the team, and researching and implementing improvements to our Information Security posture. This position requires 8+ years of hands-on experience in multiple areas of Information Security, and knowledge and skills in areas such as networking, Windows, Linux, and Cloud platforms.
Responsibilities

• Respond to alerts, events, and incidents
• Perform detailed investigation and analysis of events
• Use personal knowledge, skills, and tools to monitor for threats
• Develop and implement monitoring rules and alerts
• During investigations act as the go-to person for junior members of the team
• Troubleshoot and support software and devices used by the Information Security team
• Maintain situational awareness about the entire Information Technology environment
• Regularly provide ideas and recommendations to improve the Information Security posture
• Awareness and understanding of current topics and threats occurring in the Information Security community
• Provide training to other members of the Information Security
• Implement new Information Security tools and products
• Create policies, playbooks, how-to guides, and other documentation
• Act as a technical leader on threat and vulnerability management by reviewing and analyzing vulnerability data to identify trends and patterns. Additionally, collaborate with colleagues in prioritizing vulnerability fixes and developing remediation plans.
• Provide technical guidance on secure system design and configurations
• Collaborate with the rest of the security team to enhance overall security posture
• Proactively hunt for cyber threats and vulnerabilities within the organization's environment
• Analyze security data and logs from multiple sources (DLP, SIEM, EDR tools, etc.) to detect anomalous activity
• Build and improve detection mechanisms to identify malicious behavior
• Perform incident response tasks related to emerging threats and vulnerabilities
• Act as a liaison between security, other technical teams, and the business to align security practices
• Additionally, the role involves participating in cross-departmental security projects, staying updated on industry trends, and advocating for information security through awareness initiatives

• Minimum 8-10 years of experience in an Information Security role
• Experience working with the following:
  • Cloud security tools and concepts
  • Firewalls, IPS, WAF, SIEM, and EDR technologies
  • DLP Tools and Technology
  • Vulnerability scanning and threat analysis tools
  • Email Protection and Phishing solutions

• Hands-on administration with a broad security understanding of one or more products such as anti-malware/anti-virus, firewalls, web proxies, SIEMs, vulnerability scanners, penetration testing, email filtering, DLP, etc.
• Fluency in SIEM systems with proven ability to understand all the inputs/data sources
• Ability and strong understanding of how to monitor networks for security breaches and analyzing network traffic, activity logs and system alerts
• Hands on experience with responding to security events, threats and/or incidents by investigating and analyzing to identify root causes
• Proven ability to prepare reports on security events, incidents, and threats
• Ability to protect systems by using and maintaining software like firewalls and data encryption programs to protect sensitive information
• Capable of conducting security assessments, vulnerability testing (scanning) and risk analysis with having key abilities to identify vulnerabilities and assess their risk and impact to the organization
• Proven ability to create documentation for security related plans including incident response and disaster recovery plans
• Strong problem-solving skills to investigate and understand security events
• Ability to think critically and innovatively about the security solutions that can keep data secure
• Understanding of TCP/IP and networking
• Knowledge of best practices and frameworks used in Information Security
• Capable of explaining technical information to both I.T. and non-technical audiences
• Detailed orientated
• Ability to handle multiple projects and prioritize critical work
• Desire to self-educate on the ever-changing landscape of cyber tactics
• Superior written and verbal communication skills
• Bachelor's degree in computer science, information security, or related, preferred
• Certifications such as CISSP, CEH, Security+ etc., preferred
• Experience with Azure and AWS platforms is preferred