Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: InfoSec Jobs InfoSec Jobs

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This listing has expired and therefore is not publicly viewable.

Senior Information Security Analyst
Company Holman Enterprises
Location Remote, US
Preferred GIAC Certifications Any of: GSEC, GCIH, GCDA, GDAT, GWAPT
Travel 5%
Salary Not provided
Contact Name Brian
Contact Email bcarroll/at/
Expires 2021-08-14

Job Description

The Holman Enterprises Security Operations team has an opportunity for a Senior Security Analyst. This position will have primary technical focus, leading the analysis of enterprise defenses during scoped and open-ended projects. This role is responsible for establishing a roadmap for the placement and use of security tools; as well as the implementation and monitoring.

- Participate in the administration of security implementations (EPP/EDR, IPS/IDS, SIEM, etc.)
- Support the ongoing administration, design and use of the Security Information & Event Monitoring platform, ensuring audit trails, system logs and other monitoring data is reviewed and actionable.
- Support the ongoing administration, design and user of network segmentation tools and underlying concepts.
- Perform vulnerability assessments and reviews; facilitating remediation planning, exposure tracking, communicating risk, and reporting on mitigation status
- Lead the development of security control assessments for common platforms and the implementation of findings from said assessments
- Facilitate Incident Response activities as a Subject Matter Expert through the Incident Response life-cycle
- Provides security architecture knowledge and design concepts to Information Technology and Development teams.
- Apply or recommend adaptive security measures based on investigative findings and threat monitoring
- Participate in and coordinates application security reviews, working with third party assessors and application owners to identify and remediate findings
- Performs second level investigation into user reported threats such as phishing, machine compromise, advanced threats, etc.
- Advise management on best practices, current trends, and pertinent changes in internal/external threats and opportunities for improvement. Presents action plans for implementation and approval
- Perform threat hunting based on Tactics, Techniques and Procedures (TTPs) and threat reporting from information sharing organizations (US-CERT, FS-ISAC, etc.)
- Provide technical expertise to support vendor and project reviews.
- Performs all other duties and special projects as assigned.

Preferred Technology Experience:

- Experience with network segmentation tools like Illumio, Guardicore, Zscaler ZWS, Cisco Tetration/ACI
- Significant Experience with SIEM technologies: Elasticsearch, Winlogbeat, Logstash, LogRhythm, Sigma
- Behavioral Endpoint Protection solutions: Cylance, SentinelOne, Crowdstrike
- Vulnerability Assessment services: Nexpose/InsightVM, Nessus, Qualys
- Network Detection Tools: Bro (Zeke), Suricata, Security Onion, etc.
- Firewall Technologies: Cisco ASA, Cisco Firepower, Palo Alto
- Familiar with any of Bash, Python, PowerShell