Sr Information Security Analyst - Glass Family of Companies

G.A.S. Global
Overland Park, KS
Full-time

Opportunity Details

Sr Information Security Analyst

JOB-10042406

Anticipated Start Date

08 / 19 / 2024

Location

Overland Park, KS

Type of Employment

Contract-to-Hire

Employer Info

Our client is an employee-owned engineering, procurement, consulting, and construction company with a 100-year legacy of creating a better world for humanity today, and for generations to come.

Job Summary

Our client is seeking a Sr. Information Security Analyst who will support the Cyber Defense and Operations (CDO) programs, including Security Operations Center (SOC), Incident Response (IR), threat monitoring, threat hunting, and EDR management, and will assist with cybersecurity assessment activities.

Job Description

  • In this role, the candidate will be responsible for monitoring, analyzing, and maintaining the security and integrity of networks and applications by ensuring system controls are properly deployed while adhering to security standards and industry best practices.
  • The Information Security Analyst will have knowledge and experience with SIEM, Incident Response, event analysis, threat intelligence, EDR, and security operations.
  • Responsible for the day-to-day operation and response to alerts, alert triage, and escalation from SIEM, IDS / IPS, EDR, email & web security, application, and network security devices.
  • Proactively search for signs of malicious activities and potential security incidents.
  • Investigate and resolve security events and incidents.
  • Conduct forensic analysis of security breaches and incidents.
  • Investigate and analyze the root cause of incidents and breaches.
  • Analyze various data sources, such as SIEM logs, network traffic, and endpoint data to identify anomalies and indicators of compromise.
  • Continuously review, test, and improve the Incident Response Plan (IRP).
  • Document and maintain procedures related to Security Operations Center (SOC) and Incident Response & Operations.
  • Monitor, triage, and respond to alerts from information security tools and escalate issues to senior management as needed.
  • Oversight and governance over the coverage and quality of the log sources being consumed by the SIEM (such as workstations, servers, cloud platforms, EDR, network devices, firewall, secure mail gateways, and applications).
  • Maintain up-to-date knowledge of emerging threats and vulnerabilities.
  • Generate technical and executive metrics for visibility and continuous improvement for the Security Operations Center (SOC) and Incident Response & Operations Programs.
  • Coordinate and participate in risk assessment efforts and assist with remediation of findings.
  • Identify security risks and exposures; determine the root causes of security incidents and recommend the plan of action to improve the security posture.
  • Monitor trending TTPs to prepare for future breach attempts.
  • Analyze and remediate EDR related incidents and gaps.
  • Support and manage security tools by continuously tuning and optimizing capabilities.
  • Collaborate with other teams to learn from every incident and harden preventions to "never experience the same problem twice".
  • Perform other duties as assigned.

Skills Required

  • 4+ years of Information Security experience.
  • 3+ years of experience responding to cybersecurity events and incidents.
  • Knowledge of security technologies and tools (e.g., SIEM, IDS / IPS, EDR).
  • Ability to communicate and work effectively with others, harness different skills and experience, and build a strong sense of team spirit even if escalating critical incidents to IT stakeholders with conflicting schedules.
  • Action and results-oriented with the ability to overcome obstacles and able to work well under deadlines in a changing environment.
  • Strong speaking and writing skills with ability to effectively communicate to both engineers and senior leadership.
  • Strong understanding of current threats and trends present in the cybersecurity and OT field.
  • Highly motivated individual with a "can-do" attitude and the ability to self-start, prioritize, and multi-task.
  • Knowledge of security and privacy frameworks such as Cyber Kill Chain, MITRE, NIST, ITIL, SANS, NERC CIP, CIS, CMMC, OWASP, etc.
  • One or more certifications: Security+, GCIA, GCIH, CEH, CISSP

Education / Training / Certifications

Bachelor’s degree in information security or equivalent work experience

Additional Requirements

  • Overland Park KS preferred; open to any Company office