Malvern, PA Description:
Our client is currently seeking a Senior Information Security Analyst
1+ Year Contract
Malvern, PA Responsibilities:
1. Partners with IT and business units to create, document and monitor Managed Services statements of work. Ensures detection and mitigation controls are implemented. Responds to violations following incident management processes and reports out to management.
2. Works with IT Platform, Application, System and Network teams to create Logical, Physical and Data architecture diagrams. Normalizes endpoint behavior, data access and network traffic. Implements security monitoring and documents standard operations procedures for the Incident Management Team.
3. Works closely with Cyber Security Operation teams to build and maintain security orchestration, playbooks and automation. Identifies opportunity areas to increase efficiency and automates manual processes. Creates and updates standard operating procedures and reports out to management on efficiency gains.
4. Implements security monitoring rules, reports and dashboard while maintaining best practices to ensure maximum security tool efficiency. Monitors security systems, analyzes events and investigates security-related incidents.
5. Creates Threat Hunting models for Endpoints and Network Traffic. Analyzes endpoint including logging, EDR, IPS and DLP tools. Analyzes network monitoring including IPS, WAF, PCAP and Netflow tools. Focuses on critical systems within network to detect, respond and handle incidents related to unauthorized activity, malware, and APTs
6. Keeps management within the department informed by communicating progress, issues, concerns and opportunities. Assesses and immediately notifies manager of any potential information security breech and security issues that may have a negative impact on business operations.
7. Identifies opportunities to improve the quality, efficiency and effectiveness of the department as well as the processes that affect the divisions and the enterprise. Maintains an awareness of the department's dashboard and provides suggestions to improve performance.
8. Identifies Tactical Intelligence relevant to systems. Works with Incident Management and Threat management to follow incident response procedures to ensure proper detection, mitigation controls. 9. Escalates internal threat issues to the Insider Threat Team.
10. Participates in special projects and performs other duties as assigned.Requirements:
Demonstrated initiative and ability to work independently with attention to detail.
Demonstrated ability to be flexible and exercise good judgment.
Demonstrated strong organization and time management skills.
Excellent multitasking and time management skills.
Experience analyzing endpoint logging, detection, response and forensic tools.
Experience analyzing netflow, IPS, WAF and PCAP tools.
Experience creating rules, reports and dashboards in Splunk.
Experience creating logical, physical and data architecture diagrams.
Preferred experience utilizing Splunk User Entity Behavior Analytics.
Ability to deal effectively with various levels of crew and management.
Knowledge of security administration concepts, theories and practices.
Undergraduate degree in information technology-related field or equivalent combination of training and experience. Contact:
This job and many more are available through The Judge Group. Find us on the web at www.judge.com