IT Security Analyst

Requisition Number : 98611

Insight Enterprises is a Fortune 500 Solutions Integrator helping organizations accelerate transformation by unlocking the power of people and technology.

With a 35-year foundation in hardware and software supply chain augmenting our deep expertise in cloud, data, AI, cybersecurity, and intelligent edge, we guide organizations through complex digital decisions to achieve extraordinary results.

This role is within our Residency Offering, which is a solution that provides strategic technical resources to our customers on a contractual basis.

• M-F 8-5
• REMOTE POSITION
• Contract with possible extensions
• $70-$75 hourly depending on experience
• Must have CrowdStrike / Falcon experience
• At Least one active security certification : CEH, OSCP, CPTE, CISM, CISSP or related

Key Responsibilities :

The IT Security Analyst provides hands-on technical expertise in the Security Operations Center (SOC) of the firm. You will be responsible for monitoring the IT Security environment to immediately detect, verify, and respond swiftly to cyber threats, e.

g. vulnerability exploitation, malware, cyber-attacks, etc. Your role effectively enhances the incident response operations of the organization by working closely with IT and business stakeholders to execute in a non-disruptive manner across the firm.

Within the Office of the Chief Information Security Officer (CISO), the IT Security Analyst is instrumental in increasing the security posture of the firm.

Working in conjunction with Architecture, IT Compliance and IT Infrastructure, you will be a key contributor in executing the IT Security strategy, Security roadmap and formulation of the Cybersecurity process relative to threat intelligence, security monitoring, security automation, intrusion detection / prevention, purple teaming, endpoint security, Third Party Security Assessment, Security Information and Event Management (SIEM) and SOC.

• Implement, administer and support endpoint security software
• Continuously remain current on emerging security threats and a wide range of current security technologies, such as vulnerability assessment tools, SIEM, firewalls, proxies, network and host-based intrusion prevention, DLP, etc.
• Conduct investigations of security events (e.g., unauthorized access, non-compliance with company policies, fraud, service exploitation, etc.

to determine malfunctions, breaches, and remediation steps

• Respond to daily service issues, problems, and critical situations to support resolution and minimize downtime
• Administration and daily operation of SIEM technologies, including rule creation, reporting, correlation and performance monitoring
• Execute automation playbooks for incident response investigations
• Leverage firm’s threat intelligence sources & partners to maintain an understanding of emerging security threats and advanced threat actor capabilities
• Integrate threat intelligence feeds and sources with firm’s security monitoring infrastructure
• Leverage firm’s Continuous Testing framework to identify, design and deploy tests for firm’s security monitoring controls
• Identify and implement tools to baseline activity in order to alert or limit suspicious activity among networks, databases, data and users
• Assist in selecting, implementing and managing systems, tools, and processes that will keep the firm at the leading edge of security, which includes a continually evolving inventory of gaps to be mitigated and formulation of a proactive strategy to evaluate and implement mitigating technologies
• Assist in the development and implementation of security policies and procedures (e.g., user logon and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines)
• Enforce security policies and procedures by administering and monitoring security profiles, documenting security controls, reviewing security violation reports, and investigating possible security exceptions
• Prepare status reports on security matters to develop security risk analysis scenarios and response procedures
• Other duties as assigned

What you will need to succeed

• B.S. in Computer Science or Engineering or similar technical program or equivalent experience
• At least one active security certification : CEH, OSCP, CPTE, CISM, CISSP or related
• 3-5+ years in a hands-on technical role in information security
• Experience working within the CrowdStrike platform.
• Knowledge of security frameworks and principals and relevant technologies and vendors
• Problem solving and troubleshooting skills with the ability to exercise mature judgment
• Excellent oral and written communication skills
• Attention to detail in conducting analysis combined with an ability to accurately record full documentation in support of assigned work
• Experience with event analysis leveraging SIEM tools
• Log parsing and analysis skill set and previous experience developing and refining correlation rules
• Hands-on experience deploying & operating security technologies including devices, networks and systems that prevent, detect & respond to security threats
• Strong understanding of security operations concepts, such as perimeter defense, BYOD management, data loss protection, insider threat, kill-chain analysis, risk assessment and security metrics
• Strong understanding of network protocols
• Development / scripting experience : Python and / or PowerShell.
• Experience with Signature development / management (e.g. Snort rules, Yara rules)
• Knowledge of protocol analysis and tools (e.g. Wireshark, Gigastor, Netwitness, etc.)
• Working knowledge of current cyber threat landscape (e.g. threat actors, APT, cyber-crime, etc.)
• Working knowledge of Windows and Unix / Linux, Firewall and Proxy technology
• Knowledge of malware operation and indicators, DLP monitoring
• Knowledge of forensic techniques
• Knowledge of penetration techniques
• Knowledge of DDoS mitigation techniques
• Ability to self-organize, prioritize activities independently, create documentation and reports
• Think both tactically and strategically
• Enable creative solutions by stimulating ideas through discussion and collaboration
• Able to work on multiple activities at the same time, organizing and prioritizing as needed to accomplish goals
• Manage uncertainty well able to assess and act with good enough but imperfect or incomplete information
• Strong written and oral communication skills with the ability to explain technical ideas to non-technical individuals at any level

Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law.