Information Security Analyst

Full Time
140000 to 165000 plus bonus
Travel not required

Job Description

Our client a leading professional services firm located in downtown NYC, is looking to hire an information security analyst. This position works with the Director of Infrastructure & Security on the maintenance and implementation of the Firm’s Information Security and Management System. Will also monitor information security alerts, threats, and threat intelligence

Responsibilities

  • Manage, configure and support on premise and cloud-based IT security monitoring systems: eSentire, O365/Azure security consoles, Cisco Umbrella and Palo Alto Panorama.
  • Review, triage, analyze and remediate information from Information security monitoring systems, third party threat intelligence, and vendor vulnerability information.
  • Coordinate vendors performing vulnerability, risk analysis and penetration testing.
  • Manage and oversee internal department auditing function (includes review of: user accounts; elevated privileges; patch and security configuration status; and information access).
  • Manage maintenance and development of policies and procedures for the Firm’s Information Security Management System (ISMS).
  • Participate in the Firm’s Computer Security Incident Response Team and Information Security Forum.
  • Participate in client security assessment and review process.

    Requirements

  • Extensive knowledge of current security threats, techniques, and landscape
  • Strong understanding of internal control concepts and policies.
    • ISO 27001 certification a plus
  • Strong knowledge of Incident Analysis and Response concepts and techniques
  • Working knowledge of IT infrastructure including network devices and architecture, TCP/IP, network protocols, server operating systems, vulnerability scanning, endpoint protection, intrusion detection, firewalls, and content filtering.
  • Knowledge of MFA, PKI, Palo Alto, Cisco ASA, IDS/IPS, KiWi, SolarWinds, Nessus, Windows, Linux/Unix, VMware, IDS/IP, forensic discovery, Certificate Authority (CA), PKI, Kerberos, SSL, HTTPS, LDAP, Active Directory, Group Policy, DNS, NTFS, SharePoint, Remote Access, Citrix, VDI, ACLs, etc
  • Various social engineering, and penetration testing approaches/tools for vulnerability identification, enumeration, and exploitation to determine security networks, systems, and application's security configuration
  • Bachelor’s degree, preferably with strong academic record.
  • Information Security certification strongly preferred.
Dice Id : 80108439
Position Id : x1obumio61j689tqff88wmcyqw
Originally Posted : 2 months ago
Have a Job? Post it