IT Cyber Security Specialist | SECURITY ANALYST

Job type:
on-site
Start:
n.a
Duration:
12 months
From:
Resource 1
Place:
Illinois
Date:
06/14/2019
Country:
flag_no USA
project ID:
1784460

Warning
This project is archived and not active any more.
You will find vacant projects in our project database.

Resource 1 is seeking an IT Cyber Security Specialist for a 1-year contract in Warrenville, IL. This is an exciting opportunity to be part of a high-profile government project with national and international visibility. Since this is a government project, selected candidate must be a US Citizen. The Cyber Security Specialist should be familiar with the support and operation of security infrastructure, monitoring systems, and reporting tools. Assists in managing security-related configurations, platform hardening, and other control systems for Servers, network devices, cloud environments, and software solutions. Evaluate IT service requests for security concerns and potential issues, providing feedback to stakeholders. Integrate with IT infrastructure and application development projects to represent security concerns and initiatives. May lead small security projects related to administration efforts.

Primary Responsibilities

Monitor network to identify security breaches detected by those systems; and help drive tracking, investigation, and resolution of those incidents.

Participate in daily security operations, in partnership with other Technology teams as required and appropriate.

Execute technical work to tune and improve security infrastructure operation, maintain integrity and accuracy of asset inventory, and validate technology systems meet expected configuration requirements; working in partnership with other Technology teams as appropriate.

Required Knowledge and Experience:

4-7+ years of overall IT Engineering experience

5+ years of current experience in Information Security within an Enterprise IT environment.

Prior experience with NIST 800-53, Public Trust or FED experience is a really NICE TO HAVE.

Prior experience with Active Directory and Windows OS security administration and architecture

Contribute to the development of Information Security policies, standards and procedures. Assist operations and development teams in aligning operating procedures with information security best practices.

Participate (and captain) Security Incident Response Processes.

Participates in enterprise security Red Team program and associated tabletop activities, analyses, and drills.

Apply internal controls and security concepts in a wide variety of information technology processes and appropriately assess the exposures resulting from ineffective or missing controls.

Participate in enterprise vulnerability management program and associated operational processes.

Coordinate with development teams around application security best practices, application vulnerability scanning, penetration testing, and data privacy processes.

Serve as an internal information security consultant to business, development, and infrastructure teams, advising internal business units with current information about best practices, changes to the threat landscape and security related regulatory issues.

Previous experience leading sensitive investigations.

Previous experience with customer and business-facing communication.

Previous experience presenting in front of large groups and or to executive leadership

Previous experience with the concepts of application security (AppSec) including basic control structures and threats.

Application vulnerability management and or penetration testing a plus.

Within the area of assigned responsibilities, provides direct training to all employees, contractors, alliances, or other third parties, ensuring proper information access in accordance with established organizational information security policies and procedures

Skills:

Bachelor's degree in discipline related to functional work or role with 4-7 years of relevant work experience OR demonstrated ability to meet the job requirements through a comparable number of years of applicable work experience.

Ability to solve complex problems with minimal supervision using sound logic and analytic methods.

Excellent written and verbal communication skills with ability to state messages in a clear and concise manner that is understandable by both technical and non-technical teams. Must be able to proactively listen to others to understand issues and situations. Must be able to clearly articulate business needs to both internal and external customers.

Strong proficiency and or previous experience securing the following:

Microsoft Office Suite (Traditional Office 365)

Google G Suite

Microsoft Server Platforms

Microsoft Endpoint Platforms

O/S Windows, XMacOS, Linux Debian, CentOS

Firewalls; Palo Alto Networks, Cisco

Endpoint Security: Symantec, Sentinel On

SIEM: and Logging Splunk, LogRythym

DDoS: Radware, Arbor Networks

Vulnerability Management: Nexpose, OpenVAS, Burp, ZAP

WAF: Citrix NetScaler, Imperva

Databases: Microsoft SQL Server, OracleDB

Application; Servers Microsoft IIS, Apache, Nginx

Ecosystems; Microsoft .Net, Java, PHP