To ensure prompt identification and prioritization of IT/security service disruptions and alerts arising during the DSS Data Center migration from Brooklyn to a hybrid Cloud and NJ DR facility. Security triage in data center migration refers to the process of identifying, assessing, and responding to security incidents and vulnerabilities that arise throughout the various stages of a data center migration project.
• Scope:
o Analyze infrastructure Vulnerability service tickets related to the migration project for all new hardware / environments and locations.
• Tasks Breakdown:
o Maintain proactive communication with stakeholders including ITS, OTI, DSS Legal Affairs, and NYC Cyber Command.
o Coordinate across legacy, cloud, and DR environments, leveraging knowledge of SIEM (Splunk), EDR (CrowdStrike), and endpoint policy management (Trellix).
o POC for all infrastructure Vulnerability findings found for all locations and environments for the D/C move.
o Coordinate vulnerability remediation for new infrastructure and environments as part of D/C move.
o Create remediation workflows affecting systems and environments related to the DC implementation.
o Maintain structured management and communication for vulnerabilities related to the DC implementation.
o Document resolutions and practices for institutional knowledge and audit.
• 5+ years of hands-on experience with Rapid7 InsightVM, and ability to prioritize vulnerabilities based on exploitability, business impact, and criticality
• 5+ years of experience setting up remediation projects, running advanced queries, exporting data in Rapid7, and performing analysis in Excel using pivot-tables
• 5+ years of experience using CrowdStrike Falcon during incident response to identify malicious processes, lateral movement, and behavioural indicators across compromised endpoints
• 5+ years of experience using Trellix EDR and ePO to investigate alerts, correlate threat events, and reconstruct attack timelines during incident response
• 5+ years of hands-on experience with IT Service Management software including ServiceNow (creating tickets, searching, updating, attaching files, researching SLA, creating child-parent ticket pairs)
• 5+ years of experience using Splunk Enterprise and Splunk ES to investigate security incidents by correlating logs, alerts, and behavioural anomalies across diverse data sources
• 5+ years of strong foundational understanding of general IT concepts, with hands-on familiarity across Windows, Unix, and Linux server environments, core networking principles, virtualization technologies such as VMware, and exposure to enterprise platforms including Oracle and IBM systems
Never miss an opportunity! Create an alert based on the job you applied for.
