Riverstrong is seeking a skilled and motivated individual to join our team as a Security and Network Operations Specialist to support clients in Oregon. In this role, you will be instrumental in protecting both our own and our clients’ digital infrastructure by ensuring the confidentiality, integrity, and availability of a diverse set of assets. You will collaborate closely with the Director of Cybersecurity and the VP of Delivery, contributing to our mission of providing top-tier security and network services.
The main focus of this role will be active management of client security needs, including promptly responding to security incidents, mitigating threats, minimizing potential impacts, remediating vulnerabilities to strengthen security defenses and reduce risks, and managing security toolsets to ensure optimal performance and protection. In addition to these tasks, you will be responsible for addressing alerts generated by our infrastructure tooling, including backup & recovery, remote monitoring & management, and network devices. Beyond these responsibilities, you will have the opportunity to assist the Director of Cybersecurity in conducting security and risk assessments of client environments and tracking the resulting findings to completion.
As a Security and Network Operations Specialist at Riverstrong, you will have the opportunity to engage with a diverse set of tools. Our ideal candidate is someone who grows into this role, taking on more responsibilities as they become more comfortable and demonstrate the necessary capabilities. Opportunities for professional growth and advancement will become available as you and the security practice continue to grow and evolve.
Responsibilities:
1) Alert Management & Incident Response:
a. Swiftly respond to security & network alerts across a variety of client environments.
b. Investigate and analyze security & network events to determine their impact and severity.
c. Thoroughly document all stages of the incident response process, including Detection, Analysis, Containment, Eradication, Recovery, and Post-Incident Activity.
d. Work to develop processes, procedures, workflows, and best practices surrounding alert management.
e. Collaborate with cross-functional teams to mitigate risks and prevent future incidents.
2) Patch and Vulnerability Management:
a. Oversee and execute patch management activities for multiple clients.
b. Coordinate patch management activities with key stakeholders to ensure timely updates that minimize impact on business operations.
c. Stay abreast of emerging threats and ensure clients' systems are resilient against attacks.
d. Utilize system reporting functionality to demonstrate the effectiveness of patch and vulnerability management efforts
3) Toolset Management:
a. Assist the Director of Cybersecurity in managing existing security & infrastructure toolsets to ensure comprehensive coverage of client and internal systems
b. Assist the Director of Cybersecurity & VP of Delivery in the expansion of tool capabilities and efficacy
c. Document known issues and work to resolve them in a timely manner
d. Work to reduce noise in the existing toolset to ensure impactful, actionable alerts
e. Perform audits to ensure the continued functionality of security & infrastructure tools
f. When necessary, assist with onboarding of new toolsets
g. Develop internal and external facing reports to evidence the effectiveness of solutions
4) Governance, Risk, and Compliance:
a. Assist in the development of policy, procedures, best practices, plans, guidelines, system designs, and other documentation for both internal and external stakeholders
b. Assist the Director of Cybersecurity in conducting Security & Risk Assessments of client infrastructure
c. Assist the Director of Cybersecurity in the development of Plans of Action & Milestones (POAMs) to remediate findings from assessment activities
d. Track POAMs to completion in accordance with designated priority levels
e. Assist in client communication surrounding emerging risks, trends, and remediation activities
Preferred Qualifications:
- Bachelor's degree in Information Security, Cybersecurity, Computer Science, or related field (or equivalent work experience)
- Proven experience in at least one of the following areas: incident response, vulnerability management, security auditing, toolset management, infrastructure management
- 2 years of experience in a cybersecurity discipline (e.g., SOC Analyst, Security Analyst/Specialist, Security Auditor, Forensic Analyst, Security Engineer) or in infrastructure management (e.g., NOC Analyst, Engineering)
- Relevant certifications a plus (e.g., CISSP, CEH, CompTIA Security+).
- Familiarity with security tools and technologies such as Managed Detection and Response, Zero-Trust, Next-Generation Antivirus, and Vulnerability Management.
- Familiarity with Security Frameworks (e.g., NIST CSF, ISO 27000, CIS)
- Experience using Remote Monitoring & Management Software
- Basic understanding of networking technologies & protocols
- Basic understanding of the tactics, techniques, and procedures (TTPs) used by malicious actors
- Basic understanding of scripting a plus
- Experience utilizing ticketing systems with a commitment to keeping comprehensive notes
- Strong analytical and problem-solving skills.
- Excellent communication and teamwork abilities.