17 days ago
Job Title: ISP Security Analyst
Job Location: Tallahassee, FL (Hybrid)
Job Duration: Initial contract through September 2024 + extensions
- At least 2 years of experience in using penetration testing tools to identify vulnerabilities in custom application code, commercial software, system configurations, and networks such as vulnerability scanners, sniffers, port scanners, intercept proxies, log parsers, etc.
- At least 4 years of combined IT and security work experience with a broad range of exposure to systems analysis, networking, application development, database design, and administration.
- Experience in working with third parties to coordinate, monitor, respond to and coordinate cyber security threats, incidents, and mitigations and responses.
- Experience creating and modifying scripts such as PowerShell and Python
- Ability to communicate technical information verbally and in writing.
- Ability to establish and maintain effective working relationships with different teams.
- Experience working independently and as a project team member in security administration.
- Experience developing security administration reports including access review documents.
- Information Security Certifications: CEH, CISSP, CISA, CISM, CCIE Security, CompTIA, etc.
- Experience in IT security related to application development and code reviews
- Experience as a project team leader in security administration
- Experience creating automated processes
Required Duties and Responsibilities of Consultant shall include but are not limited to:
- Performs security assessments of new technologies, new applications, workstations, networks, and network devices prior to implementation.
- Develops scripts, tools, and methodologies to enhance testing processes.
- Assesses servers for hardening of configurations and admin access.
- Provides guidance on the mitigation of vulnerabilities, non-compliance, and malware on servers and workstations.
- Gathers and analyzes Open Source Intelligence (OSINT) to find information disclosures.
- Communicates methods employed and findings upon completion of assessments.
- Performs regular vulnerability scans and prioritizes remediation
- Submits remediation tickets to the responsible technical teams, tracks the progress to closure as per SLAs, and validates the results.
- Supports monitoring, auditing functions, and application testing with creation of test plans, functional testing and identify system vulnerabilities.
- Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports, and investigates possible security exceptions, updates, and maintains and documents security controls.
- Prepares status reports on security matters to develop security risk analysis scenarios and response procedures.
- Provides direct support to the business and IT staff for security related issues.
- Represents the security needs of the organization by providing expertise and assistance in all IT projects with regard to security issues.
- Address internal and external audits with supporting audit logs.
- Creation and maintenance of security related documentation.
- Security support off-hours work as required, including weekends, holidays, and 24/7 on call responsibilities.
All Consultants must have earned a bachelor's degree in Computer Science, Management Information Systems (MIS), or other technology related field or equivalent work experience of one (1) year system's experience for each year of education required.
Digital Intelligence Systems, LLC (DISYS) is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status.