Jobs search

Security Compliance Analyst

Epik Solutions • united states, united states, us • 1d ago

Pay Range - $60-$70 per hour

Technical Knowledge and Skills:

Minimum of 5+ years of technical experience conducting security incident response and forensic analysis.
Working experience of obtaining Cyber Threat Intelligence and making the information usable through the security incident process.
Working experience of applying IOCs to identify threats in current environment and apply information to prevent future vulnerabilities in infrastructure.
Technical security project management skills.
Working experience using best practices standards and frameworks: ISO 27001/27002; PCI DSS v4, GLBA; HIPPA/HITECH; NIST 800-53; CIS CONTROLS, NIST CSF; CIS RAM.

WORKING EXPERIENCE, at a minimum:
Hardware: Network Switches, Routers, Load Balancers, Servers, Storage Systems, End-User Systems, Mobile Devices, or other devices that enable the organization to complete its mission.
Operating Systems: UNIX, LINUX, WINDOWS.
Network: LAN WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ
Network Protocols: TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, NFS, SAMBA, etc.
Databases: Oracle, SQL, MYSQL.
Cloud Platforms: IAAS, PAAS, SAAS.
Security Concepts: Encryption, Hardening, etc.
Security GRC.
Forensic Analysis Tools.
Active Directory.
Programming Languages are a plus.
Computer Forensic experience a plus.
Prior SIEM experience a plus.
Malware analysis skills a plus.

Professional Skills:

The Consultant resources(s) shall possess most of the following skills:

Strong Analytical and Critical Thinking Skills.
Ability to analyze information and formulate solutions to problems.
Provide more in-depth analysis with a high-level view of goals and end deliverables.
Remain proactive and complete work within a reasonable time frame under the supervision of a manager or team lead.
Plan and manage all aspects of the support function.
Extensive knowledge of and proven experience with information technology systems and methods of developing, testing and moving solutions to implementation.
Expert knowledge in project management practices and ability to document process and procedures as needed.
Self-motivated self-starters/proactive, working closely and actively communicating with team members to accomplish time critical tasks and deliverables.
Ask questions and share information gained with other support team members, recording and documenting this knowledge.
Elicit and gather user requirements and/or problem description information, and record this information accurately.
Listen carefully and act upon user requirements or requests.
Convey and explain complex problems and solutions in an understandable language to both technical and non-technical persons.
Follow the lead of others on assigned projects as well as take the lead when deemed appropriate.
Think creatively and critically, analyzing complex problems, weighing multiple solutions, and carefully selecting solutions appropriate to the business needs, project scope, and available resources.
Take responsibility for the integrity of the solution.
Present solutions (technical and non-technical) to management and decision makers.
Work collaboratively with other support team members and independently on assigned tasks and deliverables with minimum supervision.
Experience in managing multiple projects.
5+ Years’ experience in information security and forensics and/or security incident response.
CISSP and CCFP or equivalent certification desired (e.g., CCE, CHFI). Other highly desirable security certifications may be substituted for CISSP (e.g., CISA, CISM, etc.)

Core Competencies:

Act with integrity
Use sound judgement
Commitment to quality
Demonstrate adaptability
Innovate
Think strategically
Communicate effectively and influence others
Work well both independently and as part of a team

Project Background and Information

A. Current situation or condition:

The Technical Security Consultant will assist Enterprise Security in the management, development, and implementation of assigned security projects in accordance with Security Best Practices.