Role: IT Security Analyst (Security Operations)
Location: Los Angeles, CA
Start Date: ASAP
Must pass a background/drug screen
As part of a cross-functional Information Security & Compliance team, the IT Security Analyst (Security Operations) is responsible for security operations including log analysis, vulnerability analysis, and threat analysis. This role evaluates the type and severity of security events leveraging their in-depth knowledge of exploits and vulnerabilities, and works with the Security Engineer in investigating and responding to security incidents. This role works across other IT functions including application development to assist with application testing, and infrastructure to assist with penetration testing, vulnerability management, and patch management. The IT Security Analyst works with the Information Risk & Compliance team to analyze threat models and security requirements to ensure implementation of technology appropriately mitigates risks. This role is responsible for managing multiple projects while maintaining technical currency with emerging security technologies.
- Monitor and respond to information security incidents and support the Information Security & Compliance team in security investigations leveraging insourced and outsourced tools and services.
- Build and analyze reports compiled from various security tools to identify and anticipate patterns of attack and manage and report on the overall threat landscape.
- Work with Security Engineering and Operations team to build, maintain and operate the Security Operations Center and blend information gathered from internal knowledge, professional network and Managed •Security Service Providers.
- Develop and maintain the Incident Response plan including procedures for incident response, forensic investigation and mitigation of security events.
- Maintain and operate vulnerability management process and tools and work with infrastructure and application development staff to keep systems current and effectively manage risk.
- Review and document security related change requests and advise management on approval decisions.
- Support the execution and coordination of application and infrastructure penetration testing.
- Collaborate with peers across affiliate companies to share incident information, solutions and best practices
- Maintain technical currency and continuously leverage opportunities to strengthen skills and broaden expertise.
- A minimum education level of: BA/BS Degree (4-year) in Information Technology, CS/Engineering, Economics, or Business
- A minimum of 2-4 years of related work experience
- Experience in working with security operations tools including anti-malware, AV, IPS/IDS, SIEM.
- Experience in managing and operating vulnerability/patch management processes and tools.
- Excellent written and verbal communication skills with the ability to explain technical concepts to a non-technical audience.
- Conceptual understanding with deep knowledge in a few security subject areas and broad knowledge over multiple security subject areas and applied experience.
- Experience with security industry standards (ISO 27001, NIST Cybersecurity Framework) and best practices
- Experience in coordinating and performing application and infrastructure penetration testing.
- A thorough understanding of tools, policies and standards related to security systems and experience in executing incident response process and procedures.
- Demonstrated commitment to continuing education to strengthen skills, broaden expertise and maintain currency with emerging technology.
- Project management experience (planning, organizing, coordinating consulting resources) and the ability to manage outsourced services and resources.
- Must be well versed in incident management, threat management, and vulnerability management.
- Experience working across teams to prevent, identify, and effectively recover from security incidents.
- Proven experience identifying vulnerabilities, anticipate threats, and leveraging a practical approach to reduce the likelihood or impact of a breach.
- Scripting skills (e.g. Python, powershell, shell scripting)
- IT security certifications (CISSP, CISM, CISA, GIAC, CEH or similar)
For immediate consideration please submit your resume in Word format, along with daytime contact information. LOCAL CANDIDATES ONLY PLEASE unless you are willing to relocate yourself at your own expense. All submittals will be treated confidentially. Selected candidate may be asked to pass a comprehensive background, credit and/or drug screening. Principals only, no third parties please.
Established in 2000, Atrilogy Solutions Group, Inc. provides organizations of all sizes with high-quality, cost-effective information technology (IT), business process and health care consulting and staffing services. Our industry-leading service model combines experienced project managers with seasoned technical and functional consultants to eliminate client uncertainty and deliver superior value and results.
Clients turn to Atrilogy for expertise in:
- IT staffing and placement (Project Managers, Agile/Scrum Masters, Business Analysts, DBA’s, Software Engineers, Mobile Developers (iOS, Android), DevOps, Automation, QA, Systems & Network Engineers, Cyber Security / Information Security Specialists)
- All major ERP & CRM packages (including Oracle, Workday, PeopleSoft, JD Edwards, Lawson, SAP, Dynamics AX, Salesforce, Microsoft CRM, NetSuite)
- Business Intelligence, Data Warehousing, and Big Data Integration
- Creative (Interactive Project Manager/Art Director, Information Architect, UI/UX Designer, Web/Graphic Design)
Atrilogy has been recognized by Inc. magazine as one of the nation’s fastest-growing, privately-held companies. Headquartered in Irvine, California, Atrilogy also has offices in Denver, Phoenix, Atlanta, and Dallas with satellite offices in Boston, Jersey City, Las Vegas, Seattle, and Delhi, India.
Atrilogy Solutions Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law, and will not be discriminated against on the basis of disability.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.