HireTech Group has a client in Cleveland, OH looking for Information Security Analysts. This role is primarily responsible for executing the tactical and strategic initiatives of the Information Security team to include programs such as risk and vulnerability management, incident response, security architecture, and third-party vendor management. Work is typically assigned by the Information Security Manager, although the Information Security Analyst is expected to operate with minimal oversight and be able to identify areas of opportunity to get involved with information security tasks and initiatives. The ideal candidate would be comfortable working in a fast-paced environment, excel at communicating to technical and non-technical staff, be capable of switching between tasks as situations and criticality arise and be passionate about learning and continuous education.

Responsibilities:

·         Execute on security strategy as defined by the Information Security Manager.

·         Take ownership of the Vulnerability Management Program, working with cross-functional teams to identify, manage and mitigate security vulnerabilities across the Firm.

·         Assist with the administration of the Vendor Risk Management process, including analyzing and responding to third-party risk assessments.

·         Monitor and respond to information security alerts and notifications (IDS/IPS, SIEM, AV/EDR)

·         Collaborate and advise on IT projects to ensure security issues are addressed throughout the project life cycle.

·         Assist other IT teams in developing and employing security solutions across various applications and product platforms.

·         Administer and utilize various endpoint and network security tools, such as antivirus/EDR, SIEM, Cisco FirePower or other comparable advanced detection and response tools.

·         Administer and utilize vulnerability scanning, packet analysis and exploitation tools such as Nessus, nmap, Wireshark, tcpdump, Metasploit or similar technologies.

·         Design, review and aid with implementation of secure networks and system architecture (ex. network topology reviews, firewall ruleset reviews, minimum security baselines, etc.).

·         Design, review and administer Azure cloud security controls and architecture, including auditing

·         Azure cloud environments.

·         Utilize scripting languages such as PowerShell and Python.

·         Apply appropriate controls referenced in various security frameworks and standards, such as

·         ISO27001:2013, NIST 800-53, CIS Top 20 Controls, etc.

·         Monitor and secure Microsoft client and server systems, along with Cisco (or comparable) network devices.

·         Assist with the management and maintenance of user security policy education, training 

Requirements:

·         Bachelor’s Degree in Computer Science, Management Information Systems or related field.   

·         A minimum of 5-7 years of experience in Information Technology, including 3-5 years of experience in Information Security with two or more of the following domains: Windows

·         Systems Administration, UNIX/Linux Systems Administration, Networking, Access Control, Incident Response, and Information & Data Security.

Preferred Certifications:

o    Certified Information Systems Security Professional (CISSP)

o    GIAC GSEC, GCIH, GCIA, GCWN, or equivalent certification

o    CompTIA Security+, CySA+, Network+, CASP or equivalent certification

Very strong communication skills, both written and oral.

All your information will be kept confidential according to EEO guidelines.