The Information Security Analyst administers, monitors, and maintains security infrastructure, which includes but is not limited to application and container security tools, security orchestration solutions, security information and event monitoring (SIEM), Network Security Tools, system logging and analysis, endpoint security tools, and vulnerability management systems. The position also assists in implementing and maintaining corporate security standards, technologies, and programs.
The candidate plays a key role in the information security team, ensuring that security best practices are followed and that tools and processes that support a secure platform are maintained and kept up to date. Ideal candidates will have a mix of security and systems engineering backgrounds to ensure that business processes are configured correctly and that security best practices are designed and implemented. Candidates will also possess exemplary communication skills to articulate and disseminate security policy to the business.
Length: 6 month contract – potential to extend and/or convert
Location: Silver Springs, hybrid – flexible to remote
Associate Vendors: We are accepting applications from candidates who are currently authorized to work in the US for any employer without sponsorship.
Role & Responsibilities
- Build and maintain complex technical infrastructure that supports a secure platform that protects our data at rest and in transit.
- Work closely with Enterprise and business owners to identify endpoint coverage scope, strong analytical skills related to working with operating systems and security toolsets.
- Provide technical guidance on industry tools and best practices in the field of endpoint security.
- Monitor and maintain security tools that instrument security policies and capabilities.
- Provide expertise in the field of managing enterprise security systems, specifically the ability to determine the least business impactful way of implementing security tools and features.
- Improve efficiencies using automation and orchestration solutions to reduce manual work that can be done programmatically.
- Administration of system infrastructure that is hosted within a public/private/hybrid infrastructure.
- Remain current with new security trends, continuously assessing systems to ensure they are appropriately configured to defend the business.
- Experience in deploying and correlating threat intelligence and vulnerability management solutions.
- Provide expertise in day-to-day security operations such as onboarding/offboarding of security endpoint agents, user access management, systems’ security and administration, configuration changes, system upgrades, ensuring 24x7 systems availability & DR, etc.
- Serve as a point of contact for incident response analysts, security operations center (SOC) analysts, application engineers and security management.
Required Qualifications
- Extensive experience with Cloud infrastructure (AWS preferred) - EC2, ECS, Route53, SNS, Lambda, Cloudwatch, Secrets Manager, RDS, etc..
- Extensive experience with configuration management tools, such as Ansible or Chef and infrastructure as code tools such as Terraform or CloudFormation.
- Experience with scripting languages such as Python or Go
- Experience in administering SIEM solutions in an enterprise environment including configuring and customizing log data ingestion.
- Experience in managing a variety of security tools and technologies (SOAR, SIEM, etc.).
- Experience in configuring authentication and authorization concepts (RBAC, IAM).
- Extensive experience in Splunk and related SIEM and SOAR technologies (Cribl, Demisto).
- Experience integrating internal platforms with SaaS Solutions such as Tenable and Sentinel One.
- Experience building Docker containers.
- Exceptional verbal and written communication skills, specifically the ability to communicate within the context of the intended audience, whether that be senior executives or highly technical engineering resources.
- SPLUNK Admin cert would be preferred
- AWS certs would be preferred
Desired Qualifications
- Cyber-Security experience.
- Media or entertainment experience.