IT Security Analyst

Overview
Infinitice specializes in IT staff augmentation, connecting businesses with highly skilled professionals across data, analytics, and technology roles. We help organizations scale quickly with the right talent at the right time.

Our client is seeking to add an IT Security Specialist in Pontiac, MI, to their team for a long-term project. Below are the requirements. Please review and apply if you are a fit.

Telecommuting is not allowed in this position. This is a W2 Contract position. NO C2C please.

Under general direction, you will evaluate the adequacy and effectiveness of internal data controls, business and technical processes, and technology platforms to help ensure the integrity of organizational systems and data. You will perform security and integrity reviews, support incident response and remediation, and contribute to the continuous improvement of security monitoring and controls.

Key Responsibilities:

• Perform security and integrity reviews of organizational data and IT systems.
  
• Assess internal controls, business processes, and technical processes for adequacy and effectiveness.
  
• Support monitoring and detection efforts (SOC operations, threat hunting, detection engineering, and/or network security engineering).
  
• Troubleshoot technical systems, document findings, and create/maintain operational run books.
  
• Communicate clearly in client-facing environments via email, chat, and voice/video calls (including screen sharing).
  
• Stay current with the evolving threat landscape and apply learnings to improve controls and response.
  

Requirements

Requirement: (Must Have)

• Minimum 2 years of hands-on experience in at least one of the following areas: SOC analyst, threat hunting, detection engineering, or network security engineering.
  
• Minimum 2 years of active troubleshooting experience with technical systems, including creating clear documentation.
  
• Experience in client-facing environments, including active correspondence via email and instant message and participating in voice/video calls with screen sharing.
  
• Strong desire to learn, grow, and stay connected to the changing threat landscape.
  
• Ability to discuss fundamentals of information security in at least three (3) of the following areas:
  

• Governance, Risk, and Compliance (GRC)
  
• Cloud and hosted applications
  
• Containerization
  
• Application security
  
• Network security and Zero Trust Architecture (ZTNA/NetSec)
  
• Endpoint security and OS hardening
  
• Security tooling and reporting automation (PowerShell/Python/Bash)
  
• Malware analysis / forensic system analysis
  
• Incident response and remediation
  
• Penetration testing of apps, endpoints, or devices
  
• Cyber Threat Intelligence (CTI), including automation of feeds and processing of alerts/vulnerabilities
  
• Vulnerability management
  
• Data protection
  
  

Preferred Qualifications (Nice to Have)

• ISACA CRISC certification
  
• ISC2 SSCP certification
  
• Hands-on experience with SOAR and other automation approaches
  
• Hands-on experience using common AI models for automation, reporting, or research
  
• Familiarity with NIST frameworks (e.g., CSF 2.0, 800-207, 800-53)
  
• Familiarity with the MITRE ATT&CK framework
  
• Familiarity with OWASP and web application penetration testing
  
• Connections to the larger information security community
  

Benefits