Hi,
This is a remote role with one of our direct clients. Please
share the resumes accordingly. CISSP required or any other similar certifications.
Below is the Job description for your reference:
Job title: Information Security Analyst
Location: Seattle, WA (Remote)
Duration: 6 months
Job Description:
Under general direction, the Information Security Analyst
assists with the operations of the Agency's Information Security program for
its technology assets. The Information Security Analyst's role is to support
service owners and system owners in ensuring the confidentiality and integrity
of information systems and data across the entire organization.
The Information Security Analyst performs two core functions
for the Agency. The first is the day-to-day operations of the in-place
security solutions while the second is the identification, investigation and
resolution of security events detected by those systems. Secondary tasks may
include involvement in the implementation of new security solutions,
participation in the creation and/or maintenance of policies, standards,
baselines, guidelines, and procedures as well as conducting vulnerability
audits and assessments. The IT Security Analyst is expected to be fully aware
of the Agency's security goals as established by its stated policies,
procedures, and guidelines and to actively work towards upholding those goals.
Essential Functions:
- Maintain up-to-date
detailed knowledge of the IT security industry including awareness of new
or revised security solutions, improved security processes and the
development of new attacks and threat vectors.
- Research and recommend
additional security solutions or enhancements to existing security
solutions to improve the overall security posture of the Agency.
- Perform the deployment,
integration, and initial configuration of all new security solutions and
of any enhancements to existing security solutions in accordance with
standard best operating procedures generically and the enterprise's
security documents specifically.
- Maintain up-to-date
baselines for the secure configuration and operations of all in-place
devices, when under direct control (i.e., security tools) or support when
not (i.e., workstations, servers, network devices, etc.).
- Maintain operational
configurations of all in-place security solutions as per the established
baselines.
- Monitor all in-place
security solutions for efficient and appropriate operations.
- Review logs and reports
of all in-place devices, whether they be under direct control (i.e.,
security tools) or not (i.e., workstations, servers, network devices, etc.).
Interpret the implications of that activity and devise plans for
appropriate resolution. Participate in investigations into problematic or
suspicious activity.
- Participate in the
design and execution of vulnerability assessments, penetration tests and
security audits.
- Provide on-call support
for Information Security Incident Response activities.
- Conduct vulnerability
scans and assessments, including reporting and follow up on remediation
status.
- Inform and train staff
members on their responsibilities concerning information security
procedures.
- Support the
administrated processes to maintain compliance with regulatory obligations
(e.g., DOL).
- Assist with ensuring
that agency technology assets, systems, services, and facilities are
compliant with information security procedures.
- Participate in ongoing
information security education, awareness and outreach activities as
required.
- Monitor threat
intelligence and other available information to proactively enhance the
Agency's security posture.
- Demonstrates Sound
Transit's Values in every interaction.
Requirements:
Education & Experience:
- Bachelor's Degree in
computer science, information technology, business administration,
engineering, or closely-related field and five years of information
technology experience with a focus on IT Security, Risk Management, Data
Protection or Compliance, OR an equivalent combination of education and
experience.
- At least 4 years of
systems security and administration experience.
Required Licenses or Certifications:
- One or more of the following certifications:
  - Certified Information Systems Security Professional (CISSP) (strongly preferred)
  - CompTIA Security+
  - GIAC Information Security Fundamentals
  - Microsoft Certified Systems Administrator: Security
  - Associate of (ISC)2
- ITIL and Project Management certification a plus.
Specific Qualifications, Knowledge, and Skills:
- Experience performing
vulnerability scans using Tenable.
- Experience responding to
Information Security incidents and events.
- Experience utilizing
security software and tools, including (but not limited to): CrowdStrike
endpoint protection, Microsoft Defender, SIEM (AlienVault preferred) and
EnCase.
- Strong command of system
administration tools (Windows/Linux).
- Experience with security
administration of cloud platforms (Microsoft 365).
- General knowledge of the
NIST 800 series standards and the ISO 27001/2 frameworks.
- Demonstrated work
experience conducting system security assessments, control analysis, risk
assessment, vulnerability assessments or penetration tests.
- Strong understanding of
information security threats and vulnerabilities.
- Strong understanding of
and experience with security-related technologies, systems, and tools.
- In-depth understanding
and experience with various attack vectors and their effect on
technologies.
Required Skills:
- Technical skills
proficiency in the following areas: security information event management,
network protocols (e.g. TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing
protocols), system administration, malware (propagation, infection,
types), intermediate knowledge of network security controls and
technologies (proxy, firewall, IDS/IPS, router/switch, open-source
information collection platforms), cryptography, Microsoft Active
Directory.
- Proven competency in the
use of MS Office applications (Word, Excel, PowerPoint, SharePoint, Teams).
- Strong work habits, time
management and self-organization.
- Excellent communication
skills (verbal/written), including the ability to provide technical reports.
Thanks
Abdul Rahman
Email Abdul....@tryfacta.com
Office (341) 226-6060 | ext. 1049
Mobile (732) 802-1310