The Cyber Security Analyst III plays a pivotal role within the Cyber Security team, serving as a senior subject matter expert. Leading the charge in identifying and implementing cutting-edge security solutions, this role involves designing robust security systems and infrastructure. The analyst provides invaluable technical guidance to junior personnel and collaborates closely with other IT team members. This role demands a strong technical aptitude, as the individual must effectively multitask while driving the implementation of security projects essential to meeting the enterprise's security needs. Additionally, they contribute to the development and maintenance of policies, standards, baselines, guidelines, and procedures.
Responsibilities
- Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, new attacks, and threat vectors
- Conduct thorough vulnerability audits, assessments, and penetration tests to fortify the organization's defenses against potential threats.
- Deploy, configure, integrate, and manage new security solutions and enhancements/maintenance to existing security solutions in accordance with policies and standards
- Conduct security reviews and risk assessments of existing systems and infrastructure, identifying gaps and proposing solutions to mitigate risks. Lead in the planning and design of enterprise security architecture.
- Design systems security infrastructure and provide technical security guidance as needed for projects. Research, design, and advocate for new technologies, infrastructure, architectures, and security products that will support security requirements for the enterprise
- Monitor security controls, intrusion detection events, and network traffic for unusual or suspicious activity. Interpret activity and take responsive action.
- Design and execute vulnerability assessments, penetration tests, and security audits
- Assist with tuning SIEM rules and creating custom log source integration with parsing
- Provide resolutions to intrusion events, security incidents, and other threat indications, and provide warning information to teams
- Lead the effort to determine hardening best practices and implement these requirements on existing and new hardware
- Assist in the design of systems security infrastructure and provide technical security guidance as needed for projects
- Participate in development of security plans, risk assessment plans, business continuity plans, incident response plans, and cybersecurity policies and standards
- Bachelor’s degree in computer science, information technology, business administration, or equivalent work experience
- 7+ years of demonstrated experience in Cyber Security
- Azure/Azure AD (Entra/Entra ID) experience is required, with a strong understanding of Azure Identity and Access Management (IAM) including role-based access control (RBAC). Proficient in implementing and maintaining security controls within Azure AD (Entra ID) to safeguard identities, devices, and applications.
- 2+ years with Splunk including administering Splunk ES, writing rules, triggers/alerts
- Proficient in utilizing Netskope or similar cloud security platforms for comprehensive visibility, governance, and control of cloud services and applications, ensuring adherence to security policies and regulatory compliance
- Broad hands-on knowledge of SIEM, NGFW, IPS, IAM, EDR, DLP, data encryption, code scanning, vulnerability management, email security, phishing training, and other industry-standard techniques and practices
- Strong analytical and data gathering skills with experience analyzing network attacks
- Knowledge of common scripting tools, such as PowerShell, Python, Bash
- Knowledge of network security architecture, understanding of the TCP/IP protocol, and remote access security techniques/products
- Solid experience with public key infrastructure (PKI) and experience with certificate lifecycle management
- Ability to analyze and remediate security threats from a wide range of technologies
- Proficiency in performing risk, business impact, control, and vulnerability assessments, and in defining treatment strategies
Equal Opportunity Employer
The H.W. Kaufman Group of companies is an equal opportunity employer. All employment decisions are based on business needs, job requirements and individual qualifications, without regard to race, color, religion, gender, gender identity, age, national origin, disability, veteran status, marital status, sexual orientation, genetic information or any other status or condition protected by the laws or regulations in the locations where we operate.