Atrilogy Solutions Group’s direct client is seeking an Information Security Administrator to join their team in Broomfield, CO on a contract-to-hire basis. This candidate will oversee the day-to-day administration of information security tools and devices, as well as first-level and second-level support for security information and event management (SIEM). This is a hands-on role that requires a high level of technical expertise. The person in this position is responsible for a broad range of tasks, which may include significant responsibilities for the security administration of a wide variety of IT systems across the enterprise.
The individual in this position will monitor network traffic for security events and perform triage analysis to identify security incidents. This position responds to computer security incidents by collecting, analyzing and preserving digital evidence to ensure incidents are recorded and tracked in accordance with SOC requirements. SOC Tier 2 Analysts work closely with IT and ERM to assess risk and provide recommendations for improving our security posture.
Education and Experience:
- Bachelor's degree or equivalent experience
- 5+ years of project-related experience
- Deep packet and log analysis
- Some Forensic and Malware Analysis
- Cyber Threat and Intelligence gathering and analysis
- The ability to take lead on incident research when appropriate and be able to mentor junior analysts.
- Experience managing cases with enterprise SIEM like QRadar, LogRhythm and NTT.
- Working knowledge of any of the following tools is required: Nessus, Varonis, Wireshark, Nexpose, Qualys, Cylance Endpoint, Security Analytics, Snort, Nmap, NIKSUN or other information security tools.
Essential Functions Include:
- One or more certifications, including but not limited to: GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, CCNA (Security), Security+ or equivalent.
- Ability/experience in training and supervising junior analysts.
- Direct, hands-on experience or strong working knowledge of managing security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology
- Verifiable experience reviewing application code for security vulnerabilities
- Direct, hands-on experience or a strong working knowledge of vulnerability management tools
- Full-stack knowledge of IT infrastructure:
  - Operating systems — Windows, Unix and Linux
  - IP networks — WAN and LAN
- Point of contact with MSSP and integrating logs and alerting configuration
- Conduct research on emerging security threats.
- Provides correlation and trending of cyber incident activity.
- Develops threat trend analysis reports and metrics.
- Supports SOC analysis, handling and response activity.
- Maintains situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.
- Ensure that a complete, accurate and valid inventory is conducted of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management tool.
- Establish a taxonomy of indicators of compromise (IOCs) and share this detail with other security colleagues, including the security operations center (SOC), information security managers and analysts, and counterparts within the network operations center (NOC).
- With guidance from the CISO, or the individual responsible for overall security direction, and in conjunction with SOC colleagues, establish procedures — including escalations — for when IOCs are discovered.
- Conduct code reviews of applications to determine security flaws or other issues that would impact the confidentiality, integrity or availability of the system.
- Coordinate with DevOps teams to advocate secure coding practices and escalate concerns related to poor coding practices to the CISO or the individual responsible for the overall security direction.
- Coordinate with the privacy officer to document data flows of sensitive information within the organization (e.g., PII or ePHI) and recommend controls to ensure this data is adequately secured (e.g., encryption, tokenization, etc.).
- Validate IT infrastructure and other reference architectures for security best practices, and recommend changes to enhance security and reduce risk where applicable.
- Validate security configurations and access to security infrastructure tools, including firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), anti-malware/endpoint protection systems, etc.
- Review network segmentation to ensure least privilege for network access.
- Conduct reviews of and oversee the change management function for security rulesets for the organization's firewalls.
- Validate that security and other critical patches to firmware and operating systems are configured and deployed in a timely fashion.
- Liaise with the vendor management team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property, PII, ePHI, regulated or other protected data, including:
  - SaaS providers
  - Cloud/infrastructure as a service (IaaS) providers
  - Managed service providers
  - Payroll providers
- Evaluate the statements of work from these providers to ensure that adequate security protections are in place. Assess the providers' SSAE 16 SOC 1 and SOC 2 audit reports (or alternative sources) for security-related deficiencies and required "user controls," and report any findings to the CISO and vendor management teams.
For immediate consideration please submit your resume in Word format, along with daytime contact information. LOCAL CANDIDATES ONLY PLEASE unless you are willing to relocate yourself at your own expense. All submittals will be treated confidentially. Selected candidate may be asked to pass a comprehensive background, credit and/or drug screening. Principals only, no third parties please.
Established in 2000, Atrilogy Solutions Group, Inc. provides organizations of all sizes with high-quality, cost-effective information technology (IT), business process and health care consulting and staffing services. Our industry-leading service model combines experienced project managers with seasoned technical and functional consultants to eliminate client uncertainty and deliver superior value and results.
Clients turn to Atrilogy for expertise in:
- IT staffing and placement (Project Managers, Agile/Scrum Masters, Business Analysts, DBA’s, Software Engineers, Mobile Developers (iOS, Android), DevOps, Automation, QA, Systems & Network Engineers, Cyber Security / Information Security Specialists)
- All major ERP & CRM packages (including Oracle, Workday, PeopleSoft, JD Edwards, Lawson, SAP, Dynamics AX, Salesforce, Microsoft CRM, NetSuite)
- Business Intelligence, Data Warehousing, and Big Data Integration
- Creative (Interactive Project Manager/Art Director, Information Architect, UI/UX Designer, Web/Graphic Design)
Atrilogy has been recognized by Inc. magazine as one of the nation’s fastest-growing, privately-held companies. Headquartered in Irvine, California, Atrilogy also has offices in Denver, Phoenix, Atlanta, and Dallas with satellite offices in Boston, Jersey City, Las Vegas, Seattle, and Delhi, India.
Atrilogy Solutions Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law, and will not be discriminated against on the basis of disability.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.