SANS ISC: InfoSec Jobs
Senior Information Security Analyst

Company: Holman Enterprises
Location: Remote, US
Preferred GIAC Certifications: Any of GSEC, GCIH, GCDA, GDAT, GWAPT
Travel: 5%
Salary: Not provided
URL: https://holmanautogroup.wd1.myworkdayjobs.com/HolmanEnterprisesCareers/job/Mount-Laurel-NJ-US/Senior-Security-Engineer---Security-Operations_R0034523
Contact Name: Brian
Contact Email: bcarroll/at/holmanenterprises.com
Expires: 2021-08-14

Job Description

The Holman Enterprises Security Operations team has an opportunity for a Senior Security Analyst. This position has a primarily technical focus, leading the analysis of enterprise defenses during scoped and open-ended projects. The role is responsible for establishing a roadmap for the placement and use of security tools, as well as for their implementation and monitoring.

- Participate in the administration of security implementations (EPP/EDR, IPS/IDS, SIEM, etc.)
- Support the ongoing administration, design and use of the Security Information & Event Monitoring platform, ensuring that audit trails, system logs and other monitoring data are reviewed and actionable.
- Support the ongoing administration, design and use of network segmentation tools and their underlying concepts.
- Perform vulnerability assessments and reviews, facilitating remediation planning, exposure tracking, risk communication, and reporting on mitigation status.
- Lead the development of security control assessments for common platforms and the implementation of findings from those assessments.
- Facilitate Incident Response activities as a Subject Matter Expert throughout the Incident Response life-cycle.
- Provide security architecture knowledge and design concepts to Information Technology and Development teams.
- Apply or recommend adaptive security measures based on investigative findings and threat monitoring.
- Participate in and coordinate application security reviews, working with third-party assessors and application owners to identify and remediate findings.
- Perform second-level investigation into user-reported threats such as phishing, machine compromise, advanced threats, etc.
- Advise management on best practices, current trends, and pertinent changes in internal/external threats and opportunities for improvement. Present action plans for implementation and approval.
- Perform threat hunting based on Tactics, Techniques and Procedures (TTPs) and threat reporting from information sharing organizations (US-CERT, FS-ISAC, etc.).
- Provide technical expertise to support vendor and project reviews.
- Perform all other duties and special projects as assigned.

Preferred Technology Experience:

- Experience with network segmentation tools such as Illumio, Guardicore, Zscaler ZWS, Cisco Tetration/ACI
- Significant experience with SIEM technologies: Elasticsearch, Winlogbeat, Logstash, LogRhythm, Sigma
- Behavioral Endpoint Protection solutions: Cylance, SentinelOne, CrowdStrike
- Vulnerability Assessment services: Nexpose/InsightVM, Nessus, Qualys
- Network Detection Tools: Bro (Zeek), Suricata, Security Onion, etc.
- Firewall Technologies: Cisco ASA, Cisco Firepower, Palo Alto
- Familiarity with any of Bash, Python, PowerShell