Location: Durham, NC
Duration: 6 Months, Contract to Hire
- As the Senior Information Security Analyst you will be a senior member of the security operation team, leading the investigation of security alerts and reported security issues, driving those issues to completion, and assisting other analysts on the team during incident analysis.
- We will look for you to support defensive, cyber security technologies and programs deployed to enforce security policies.
- Additional responsibilities will be to coordinate governance and management of IT control frameworks to ensure regulatory compliance.
- We are looking for you to bring your real passion for security and apply it in our high-performance culture.
- We care deeply about the work we do and the impact it has on our customers.
- If you are ready to make a career out of making a difference then you are the person for this team.
- Lead the analysis and investigation of information security events (IDS/DLP/SIEM/etc.), run to ground detected events and eliminate false positives.
- Perform vulnerability and compliance scanning, analyze results, craft reports, and drive discovered issues to closure.
- Work directly with our internal and external customers to understand and resolve their security questions, concerns, and requests.
- Actively identify and consult with management and business areas regarding unresolved security exposures as well as misuse or noncompliance situations.
- Lead the creation, administration and maintenance of threat and vulnerability management process and procedures.
- Coordinate monitoring and reporting of key control activities for metrics discussions and during audit periods.
- Handle and maintain compliance for threat and vulnerability and develop and publish information procedures and guidelines, including compliance monitoring procedures across the organization.
- Responsible for handling multiple segments of the internal and external audit process for tracking and reporting confirmed audit issues from identification to closure/validation.
- Coordinate the development and delivery of security mentorship and training to business partners by performing security program presentations, both internally and externally.
- Bachelor’s degree and 5 years’ experience in security operations, incident response, and/or security engineering.
- If no degree, 6 years in security operations, incident response, and/or security engineering.
- Solid consultative experience with demonstrable ability to determine appropriate security controls and identify mitigation strategies that meet business and technical requirements.
- Prior experiencing working in a security operations center environment strongly preferred
- Prior experience analyzing security events (IPS/IDS, DLP, SIEM)
- Prior experiencing reviewing vulnerability scan data and performing vulnerability management.
- Informal leadership, coaching and mentoring skills.
- Strong consultative skillset with ability to provide appropriate direction to other IT groups on security matters
- Demonstrated initiative to learn new technologies.
- Excellent written and verbal interpersonal skills, including strong presentation skills.
- Demonstrated ability to develop and maintain collaborative working relationships with varying constituencies and teams.
- Demonstrated dedication to and leadership of continuous process improvement.
- Security+, CSA, GCIA, GCIH, GMON, or other incident response / security related certifications a plus