Cyber Security Analyst with CISSP, CISA, CISM, Security+ (846 views)

** Direct Client Requirement *****

Title: Cyber Security Analyst with CISSP, CISA, CISM, Security+

Location: Des Moines IA

Rate: DOE/If your experience and skills match call us immediately for submission

Duration: 12 months

Interview Type: Skype and Phone

Work Status: Successful applicants must be legally authorized to work in the U.S.

Job Type: Full-Time,W2,C2H, C2C,

Experience: 7 years

Preffer W2: U S C/G C/H1B Transfer/OPT/CPT/H4 EAD and other US work authorization are accepted

Job Description

The Security Analyst  is a senior level resource with specialized knowledge and experience in security analysis, forensic investigation, risk identification and remediation.

Five years of relevant experience; preferred education 4 year college degree or equivalent technical certification.

Information Security analyst – Iowa Secretary of State’s office

Responsibilities

Daily review of security logs
•    Ability to use a SIEM products/security dashboards to view and analyze data
•    Ability to interpret log data to determine risk
•    Ability to plan/facilitate/perform mitigation tasks

Security Forensics/Investigation

•    Investigate security alerts & notifications. 
•    Investigate suspicious emails

Review security risk assessments/vulnerability scans/pen test results; and plan/execute remediation

•    Ability to prioritize mitigation tasks identified in risk assessment reports
•    Ability to prioritize remediation tasks identified in vulnerability scans
•    Ability to plan/facilitate/perform remediation tasks
•    Ability to demonstrate risks or vulnerabilities are remediated

Conduct security audits of local network (and remote staff workstations)

•    Password audits (Active Directory)
•    O365 security reviews/compliance
•    Other scans as needed

Keep informed on daily security news and vulnerabilities

•    Ability to understand how new vulnerabilities may affect SOS environment
•    Prioritize/Facilitate/Plan remediation of new vulnerabilities that affect SOS environment
•    Awareness of indicators of compromise for specific known vulnerabilities

Security Controls

•    Review security controls and analyze possible gaps in SOS environment

Compliance

•    Lead oversight for PCI compliance
•    Responsible for annual PCI SAQ
•    Responsible for tracking quarterly PCI vulnerability assessments

Other duties

•    Work with leadership, technical staff to plan/execute proactive security plans
•    Point of contact for SOS in working with firewall vendor

Knowledge of the following are a plus:

•    O365 security
•    MFA configuration 
•    End point security
 

Required / Desired Skills

Required 5 years Solid understanding of networks, network protocols and ports, and securing networks.

Required 5 years Extensive knowledge of information security principles.

Required 5 years Experience in security audit, assessment and vulnerability scan methodologies, standards, procedures and best practices 

Required 5 years Experience in information security operations

Required 5 years Strong oral and written communication skills and ability to communicate with all levels of stakeholders 

CISSP, CISA, CISM, Security+ or other information security certification

 Highly desired

Required Ability to work independently with limited supervision and limited direction, while working in collaborative team environments

Required 5 years Experience using security tools that include (but not limited to): SIEM product, network monitoring, web application firewalls, firewalls, etc 

Required 5 years Ability to analyze data and understand where security risks exist  

Required 5 years Understanding of information security controls – and how to identify where gaps exist in production infrastructures

Experience with PCI self-assessment questionnaire

 Highly desired

Experience with O365 Security Center configuration and best practices

  Desired

Required Ability to examine suspicious email to determine potential risk.

Required Ability to examine logs or other data to detect scope of damange from a potential malicious payload or security event.

Thanks
Vinay/Siva
vinayp@Sohanit.com
PH:402-241-9613
Apply here or Please send to resumes@sohanit.com