Information Security Analyst - Seattle, United States - Infojini

    Description
    Below is the job description for the position:

    Position Title - IT Information Security Analyst
    Location - Seattle, WA (Remote)
    Duration - 6 months (with possible extension)


    NOTE:
    CANDIDATE MUST BE LOCAL TO WASHINGTON STATE

    Specific Qualifications, Knowledge, and Skills:
    Experience performing vulnerability scans using Tenable.
    Experience responding to Information Security incidents and events.

    Experience utilizing security software and tools, including (but not limited to): CrowdStrike endpoint protection, Microsoft Defender, SIEM (AlienVault preferred) and EnCase.

    Strong command of system administration tools (Windows/Linux).
    Experience with security administration of cloud platforms (Microsoft 365).
    General knowledge of the NIST 800 series standards and the ISO 27001/2 frameworks.
    Demonstrated work experience conducting system security assessments, control analysis, risk assessment, vulnerability assessments or penetration tests.
    Strong understanding of information security threats and vulnerabilities.
    Strong understanding of and experience with security-related technologies, systems, and tools.
    In-depth understanding and experience with various attack vectors and their effect on technologies.

    Education & Experience:

    Bachelor's Degree in computer science, information technology, business administration, engineering, or closely related field and five years of information technology experience with a focus on IT Security, Risk Management, Data Protection or Compliance, OR an equivalent combination of education and experience.

    At least 4 years of systems security and administration experience.

    Required Licenses or Certifications/One or more of the following certifications:
    - Certified Information Systems Security Professional (CISSP) (strongly preferred)
    - CompTIA Security+
    - GIAC Information Security Fundamentals
    - Microsoft Certified Systems Administrator: Security
    - Associate of (ISC)2

    ITIL and Project Management certification a plus.

    Required Skills:
    Technical skills proficiency in the following areas:

    security information event management, network protocols (e.g. TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols), system administration, malware (propagation, infection, types), intermediate knowledge of network security controls and technologies (proxy, firewall, IDS/IPS, router/switch, open source information collection platforms), cryptography, Microsoft Active Directory.

    Proven competency in the use of MS Office applications (Word, Excel, PowerPoint, SharePoint, Teams).
    Strong work habits, time management and self-organization.
    Excellent communication skills (verbal/written), including the ability to provide technical reports.


    General Summary:

    Under general direction, the Information Security Analyst assists with the operations of the Agency's Information Security program for its technology assets.

    The Information Security Analyst's role is to support service owners and system owners in ensuring the confidentiality and integrity of information systems and data across the entire organization.

    The Information Security Analyst performs two core functions for the Agency.

    The first is the day-to-day operations of the in-place security solutions, while the second is the identification, investigation and resolution of security events detected by those systems.

    Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and/or maintenance of policies, standards, baselines, guidelines, and procedures, as well as conducting vulnerability audits and assessments.

    The IT Security Analyst is expected to be fully aware of the Agency's security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

    On-call availability is required as a member of the Information Security Incident Response Team.


    Essential Functions:

    Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.

    Research and recommend additional security solutions or enhancements to existing security solutions to improve the overall security posture of the Agency.

    Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically.

    Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, when under direct control (i.e., security tools) or support when not (i.e. workstations, servers, network devices, etc.).

    Maintain operational configurations of all in-place security solutions as per the established baselines.
    Monitor all in-place security solutions for efficient and appropriate operations.

    Review logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (i.e. workstations, servers, network devices, etc.).
    Interpret the implications of that activity and devise plans for appropriate resolution.
    Participate in investigations into problematic or suspicious activity.
    Participate in the design and execution of vulnerability assessments, penetration tests and security audits.
    Provide on-call support for Information Security Incident Response activities.
    Conduct vulnerability scans and assessments, including reporting and follow up on remediation status.
    Inform and train staff members on their responsibilities concerning information security procedures.
    Support the administrated processes to maintain compliance with regulatory obligations (e.g. DOL).
    Assist with ensuring that agency technology assets, systems, services, and facilities are compliant with information security procedures.
    Participate in ongoing information security education, awareness and outreach activities as required.
    Monitor threat intelligence and other available information to proactively enhance the Agency's security posture.
    Demonstrates Sound Transit's Values in every interaction.

    Special / Additional Qualifications (Over Role/ Category Level)

    Thanks & Regards
    Infojini Consulting
    Website: https://www.infojiniconsulting.com
    Address: 10015 Old Columbia Road, Suite B 215, Columbia, MD 21046