Sr. Security Analyst/Security Engineer
TEKsystems
$105,000.00 - $120,000.00 / yr
United States, Illinois, Chicago
Nov 06, 2024

*Position Overview:*
Our client is looking to hire a full-time Sr. Security Analyst / Security Engineer to join their team in a leadership capacity. The role requires a hybrid schedule in Chicago, IL, with individuals expected onsite 2-3 days per week. The company is looking to modernize its security environment, so candidates who have experience upgrading environments will be highly preferred.

*Description:*
The Senior Security Analyst - Team Lead will safeguard and protect our organization's information systems and data from cyber threats. This role involves monitoring, analyzing, and responding to security incidents, and developing and implementing security measures to prevent and reduce the impact of cybersecurity incidents. This person will conduct vulnerability assessments, coordinate the remediation of penetration test findings, and design and plan mitigating controls. Responsibilities include implementing, reviewing, and improving security logging and monitoring, and documenting baseline standards to ensure maximum security. The ideal candidate will have a solid technical background, extensive experience in cybersecurity, and the ability to think critically and strategically about security risks.

Primary Responsibilities
* Lead a team of Security Analysts and provide guidance, mentorship, and support.
* Assess, design, document, and work with IT teams to implement security controls for critical applications and systems throughout the company's network to meet security standards and best practice recommendations.
* Plan and schedule work with all areas of IT to ensure timely remediation of vulnerabilities based on security scans, penetration testing, or other means of detection of threats.
* Conduct thorough investigations of security alerts/incidents and provide detailed reports on findings and actions taken.
* Develop and implement security policies, procedures, and best practices to protect sensitive information and ensure compliance with regulatory requirements.
* Maintain and ensure annual updates of all security-related infrastructure policies and procedures by working with the respective teams.
* Perform regular security audits, risk assessments, and vulnerability assessments to identify and mitigate potential security risks and to ensure the effectiveness of security controls.
* Stay up to date with the latest cybersecurity trends, threats, and technologies.
* Oversee team members whose duties involve reviewing email proxy phishing and spam queues. Provide guidance for tuning/adjustment of rules for the email proxy as needed.
* Provide guidance for approving/disapproving Web Exception Access requests as appropriate on the Web Proxy.
* Define rules for and assist with DLP system maintenance.
* Assist third-party vendors with conducting annual penetration testing and coordinate efforts to mitigate found vulnerabilities.
* Lead incident response and assist with disaster recovery planning and execution.
* Maintain subscriptions to vendors' security/vulnerability alerts and assess and establish a response plan based on the severity and applicability of the threat.
* Participate in the recruitment and training of new team members.
* Other security tasks as needed.

*Additional Skills & Qualifications:*
Job Qualifications:
* Proficiency in conducting risk assessments, vulnerability assessments, and penetration testing.
* Strong understanding of cybersecurity compliance frameworks, standards, and best practices (e.g., NIST, HIPAA, OWASP, etc.).
* Experience configuring, maintaining, and auditing application systems security controls.
* Knowledge of system and network exploitation, attack vectors and pathologies, and intrusion techniques such as phishing, denial of service attacks, OWASP Top 10 vulnerabilities, malicious code/malware, ransomware, password attacks, etc.
* Experience with Next Generation Firewalls, Next Generation Endpoint Protection products, IDS/IPS, and web application firewall technologies.
* Experience with IBM QRadar, Splunk, Tenable Nessus, Delinea Secret Server, Microsoft SCCM, and OpenSCAP or similar products.
* Knowledge of current Windows Server, Windows Workstation, Linux, VMware, and Active Directory environments.
* Knowledge of Directory Services (LDAP, AD) and Internet/Intranet architecture and design.
* Experience with Forcepoint Email Security, Web Security, and DLP products.
* Professional certifications such as CISSP, CISM, CEH, or equivalent are highly desirable.
* Excellent analytical, problem-solving, and communication skills.
* Ability to work independently and as part of a team in a fast-paced environment.
* Strong attention to detail and the ability to think critically and strategically.

About TEKsystems:
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.