** Direct Client Requirement *****
Title: Cyber Security Analyst with CISSP, CISA, CISM, Security+
Location: Des Moines IA
Rate: DOE/If your experience and skills match call us immediately for submission
Duration: 12 months
Interview Type: Skype and Phone
Work Status: Successful applicants must be legally authorized to work in the U.S.
Job Type: Full-Time,W2,C2H, C2C,
Experience: 7 years
Preffer W2: U S C/G C/H1B Transfer/OPT/CPT/H4 EAD and other US work authorization are accepted
The Security Analyst is a senior level resource with specialized knowledge and experience in security analysis, forensic investigation, risk identification and remediation.
Five years of relevant experience; preferred education 4 year college degree or equivalent technical certification.
Information Security analyst – Iowa Secretary of State’s office
Daily review of security logs
• Ability to use a SIEM products/security dashboards to view and analyze data
• Ability to interpret log data to determine risk
• Ability to plan/facilitate/perform mitigation tasks
• Investigate security alerts & notifications.
• Investigate suspicious emails
Review security risk assessments/vulnerability scans/pen test results; and plan/execute remediation
• Ability to prioritize mitigation tasks identified in risk assessment reports
• Ability to prioritize remediation tasks identified in vulnerability scans
• Ability to plan/facilitate/perform remediation tasks
• Ability to demonstrate risks or vulnerabilities are remediated
Conduct security audits of local network (and remote staff workstations)
• Password audits (Active Directory)
• O365 security reviews/compliance
• Other scans as needed
Keep informed on daily security news and vulnerabilities
• Ability to understand how new vulnerabilities may affect SOS environment
• Prioritize/Facilitate/Plan remediation of new vulnerabilities that affect SOS environment
• Awareness of indicators of compromise for specific known vulnerabilities
• Review security controls and analyze possible gaps in SOS environment
• Lead oversight for PCI compliance
• Responsible for annual PCI SAQ
• Responsible for tracking quarterly PCI vulnerability assessments
• Work with leadership, technical staff to plan/execute proactive security plans
• Point of contact for SOS in working with firewall vendor
Knowledge of the following are a plus:
• O365 security
• MFA configuration
• End point security
Required / Desired Skills
Required 5 years Solid understanding of networks, network protocols and ports, and securing networks.
Required 5 years Extensive knowledge of information security principles.
Required 5 years Experience in security audit, assessment and vulnerability scan methodologies, standards, procedures and best practices
Required 5 years Experience in information security operations
Required 5 years Strong oral and written communication skills and ability to communicate with all levels of stakeholders
CISSP, CISA, CISM, Security+ or other information security certification
Required Ability to work independently with limited supervision and limited direction, while working in collaborative team environments
Required 5 years Experience using security tools that include (but not limited to): SIEM product, network monitoring, web application firewalls, firewalls, etc
Required 5 years Ability to analyze data and understand where security risks exist
Required 5 years Understanding of information security controls – and how to identify where gaps exist in production infrastructures
Experience with PCI self-assessment questionnaire
Experience with O365 Security Center configuration and best practices
Required Ability to examine suspicious email to determine potential risk.
Required Ability to examine logs or other data to detect scope of damange from a potential malicious payload or security event.
Apply here or Please send to firstname.lastname@example.org
Position Keywords: O365 Security,CISSP, CISA, CISM,SIEM,protocol,Active Directory,
Pay Rate: DOE
Job Duration: 12 Months
% Travel Required: None
Job Posted by: Employer
Job ID: OOJ - 2248
Work Authorization: Successful applicants must be legally authorized to work in the U.S