Information Security Analyst Tier 1

Description

We are looking for a passionate individual with experience in information security and technology to take a triage specialist role in our growing MSSP within the SOC, to review and address client security issues. Additional responsibilities would include reviewing client security needs and recommending solutions consistent with the Kraft Kennedy SOC.

Duties/Responsibilities:

The successful candidate must be an individual who understands business operations, information technology and security. This individual must have demonstrated hands on experience with information security testing and consulting. High level communication skills are essential to successfully translate technology and security requirements into business terms. Strong client service skills are necessary for interacting with various levels of internal IT staff as well as corporate leadership.

• Be able to obtain industry certificates where applicable.
• Maintain working knowledge of cyber threat actor tactics and techniques
• Research, identify and understand new threats
• Experience with deployment of an EDR solution in a large multi-customer customer environment
• Review client issue and take steps to remediate security threat
• Conduct security audits and risk assessments with commercial tools and techniques
• Report and present findings to team and clients
• Excel as a self-motivated individual who can work on their own as well as integrated with a team in a variety of situations

Compensation:

The base pay for this position has a salary range of $50,000 to $60,000. The actual salary offer will take in to account a wide range of factors including the individual’s qualifications, experience as well as location. In addition, certain positions are eligible for bonuses or commissions.

Qualifications

• 3+ years of IT security review and remediation for internal or external client

• Can be on call outside of normal business hours in case of an emergency.

• Experience in several IT disciplines may provide a solid framework for this position, but must have hands-on experience using security monitoring tools, running vulnerability scans, and reviewing vulnerability assessment reports

• Proficient with SentinelOne products

• Knowledge of various enterprise operating system (OS) configurations and management tools for use during deployment, configuration, and management of EDR’s

• Familiarity and knowledge of security frameworks (NIST CSF, CIS, ISO)

• Working knowledge of network security concepts and technologies, including but not limited to firewalls, IDS/IPS, proxy servers, access control systems, and web application firewalls. 

• Endpoint Protection Platform’s

• Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions

• Knowledge of network security architecture concepts including topology, protocols, components, and principles

• Strong networking knowledge with a focus on security

• Hand on experience with incident handling techniques and processes desired

• Must possess strong verbal and written skills

• Law firm experience is a definite a plus!

Education and Experience:

• Minimum of two years’ experience in IT Security is required- Well-developed troubleshooting and problem-solving skills- Knowledge of endpoint detection and response solutions- Experience with vulnerability management tools- Working knowledge of Windows and/or Linux systems- Must be able to manage and prioritize multiple assignments while meeting deadlines- Motivated self-starter with a desire to learn

• Microsoft AZ-500 and SC-200 preferred but not required

• Security Certifications (CISSP, GCIA GCIH, GCFA or GCFE) a plus!

Physical Requirements:

• Prolonged periods of sitting at a desk and working on a computer.