Overview
On Site
$55 - $75 hourly
Accepts corp to corp applications
Contract - Independent
Contract - W2
Contract - Temp
Skills
Vulnerability Management
MASS
Management
KPI
Research
Documentation
Communication
HTTP
PKI
Encryption
SMTP
Dragon NaturallySpeaking
DNS
Nessus
Nmap
Burp Suite
Web Applications
Firewall
STIG
Hardening
SAML
Kerberos
OAuth
OIDC
LDAP
Windows PowerShell
Python
Jenkins
Splunk
Onboarding
Microsoft Azure
Apache Kafka
Artificial Intelligence
Messaging
Job Details
RESPONSIBILITIES:
Kforce has a client in NYC that is seeking a Security Analyst for a hybrid role.
Summary:
The Security Analyst will be responsible for independently managing third-party vulnerability data sources, executing scans using proprietary tools, and collaborating with IT teams to prioritize mitigation efforts. This role involves leveraging vulnerability management tools to generate metrics and reports that track progress and effectiveness. Additionally, the Security Analyst may contribute to reviewing project scopes to recommend security benchmarks, optimizing security tool alerts and policies, and integrating logs and large data sets into existing systems.
Responsibilities:
* Analyze vulnerabilities from various sources and input them into the vulnerability management tool using approved methods to ensure a complete overview of exposures
* Evaluate existing vulnerabilities to find problem areas or opportunities for mass-mitigation
* Communicate with other teams to explain the opportunities or needs
* Escalate vulnerabilities that have breached our time-to-resolve limits
* Configure scanning tools and manage scan schedules
* Collect a set of metrics and KPIs for our departmental use
* Consider opportunities for AI to improve all of the above
REQUIREMENTS:
* Bachelor's degree in Information Technology or related field is considered a plus, not mandatory
* Able to research independently using available sources, collect data, then document a clear plan of action
* Systematic thinking and troubleshooting
* Able to create clear and detailed documentation of designs and processes for a diverse technical audience
* Provide clear and concise communication of requirements, priorities, and status
Strong familiarity and prior experience with:
* HTTP, PKI and signatures/encryption, SMTP, DNS, CWEs, CVEs, and other frameworks
* Nessus, NMAP, ZAP, BurpSuite, Invicti, Nuclei or other scanning tools
* Web application scanning and web application firewalls
* Containers
* CIS benchmarks, STIGs, or other security hardening standards
Additional desirable skills or experience:
* SAML, Kerberos, OAuth, OIDC, LDAP
* Powershell and Python
* Jenkins
* Splunk data onboarding- indexes, sourcetypes, data models, forwarders, apps, HECs
* Azure event hubs, Kafka, syslog
* Sentinel, Defender, Crowdstrike, or other EDRs
Must work hybrid from one of these locations: Alpharetta, GA; Charlotte, NC; Chicago, IL; Conshohocken, PA; Dallas, TX; Denver, CO; Fargo, ND; Garden City, NY; Houston, TX; Lenexa, KS; Lubbock, TX; Morristown, NJ; Mt Juliet, TN; New York, NY; Purchase, NY; Topeka, KS
The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking ?Apply Today? you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
Kforce has a client in NYC that is seeking a Security Analyst for a hybrid role.
Summary:
The Security Analyst will be responsible for independently managing third-party vulnerability data sources, executing scans using proprietary tools, and collaborating with IT teams to prioritize mitigation efforts. This role involves leveraging vulnerability management tools to generate metrics and reports that track progress and effectiveness. Additionally, the Security Analyst may contribute to reviewing project scopes to recommend security benchmarks, optimizing security tool alerts and policies, and integrating logs and large data sets into existing systems.
Responsibilities:
* Analyze vulnerabilities from various sources and input them into the vulnerability management tool using approved methods to ensure a complete overview of exposures
* Evaluate existing vulnerabilities to find problem areas or opportunities for mass-mitigation
* Communicate with other teams to explain the opportunities or needs
* Escalate vulnerabilities that have breached our time-to-resolve limits
* Configure scanning tools and manage scan schedules
* Collect a set of metrics and KPIs for our departmental use
* Consider opportunities for AI to improve all of the above
REQUIREMENTS:
* Bachelor's degree in Information Technology or related field is considered a plus, not mandatory
* Able to research independently using available sources, collect data, then document a clear plan of action
* Systematic thinking and troubleshooting
* Able to create clear and detailed documentation of designs and processes for a diverse technical audience
* Provide clear and concise communication of requirements, priorities, and status
Strong familiarity and prior experience with:
* HTTP, PKI and signatures/encryption, SMTP, DNS, CWEs, CVEs, and other frameworks
* Nessus, NMAP, ZAP, BurpSuite, Invicti, Nuclei or other scanning tools
* Web application scanning and web application firewalls
* Containers
* CIS benchmarks, STIGs, or other security hardening standards
Additional desirable skills or experience:
* SAML, Kerberos, OAuth, OIDC, LDAP
* Powershell and Python
* Jenkins
* Splunk data onboarding- indexes, sourcetypes, data models, forwarders, apps, HECs
* Azure event hubs, Kafka, syslog
* Sentinel, Defender, Crowdstrike, or other EDRs
Must work hybrid from one of these locations: Alpharetta, GA; Charlotte, NC; Chicago, IL; Conshohocken, PA; Dallas, TX; Denver, CO; Fargo, ND; Garden City, NY; Houston, TX; Lenexa, KS; Lubbock, TX; Morristown, NJ; Mt Juliet, TN; New York, NY; Purchase, NY; Topeka, KS
The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking ?Apply Today? you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.