Information Security Analyst
Allegis Group
- Hanover, MD
- Permanent
- Full-time
- Work incidents and requests from the Security ticket queue
- Handle security escalations, identify and resolve critical security events requiring additional/specific investigation, triage, and mitigation.
- Assist the Information Security, Legal and Compliance teams in the creation of procedures, technical documentation, and completion of project tasks as required.
- Generate and present reports aggregating incident data
- Review purchasing agreements, questionnaires, contracts and statements of work to ensure compliance with company security standards and requirements
- Provide guidance and support to the Legal and executive requests for data gathering and analysis
- Document and report assessment and incident findings to the Security Operations Manager and ISO
- Collaborate with IS management, the corporate Legal department, safety and security, and law enforcement agencies to manage risks and security vulnerabilities
- Collaborate with other IS groups to implement Information Systems policies, procedures, standards and guidelines
- Perform the operation of related compliance monitoring, auditing, and improvement activities to ensure compliance both with internal corporate policies and applicable laws and regulations
- Represent the Information Security role in the Change Management, Incident Management, Patch Management, and Problem Management processes
- Actively participate in the IT security community to stay abreast of current standards and best practices.
- Maintain an industry standard information security certification
- Prepare reports that document general metrics
- Support the on-boarding of new InfoSec employees and contractors
- Ability to work off-hours to handle security alerts and changes to InfoSec technologies.
- Perform other related duties as assigned
- Bachelor’s degree in the field of MIS, computer science, information systems or computer engineering or equivalent experience
- 2 to 4 years of experience
- Ideal candidates will hold one or more of the following certifications:
Experience with Agile methodology a plus (ACP)Skills/Abilities:
- Data Loss Prevention technologies
- Security Operations Centers
- Encase Litigation/Hold process solutions.
- Rapid7/NeXPOSE security scanning and management tools
- Experience with Microsoft O365, Microsoft Defender for Cloud, .NET, Active Directory, ADFS, Windows/Linux, SQL Server, Azure AD, VMware/Citrix, Salesforce.com
- Incident and Problem management system support
- Basic understanding of Network, host, data, integration, and application access security in multiple operating system environments (Windows, Solaris, Linux, etc.)
- Basic understanding of Information Security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists
- Basic understanding of the Internet, web, application and network security technique
- Experience in successfully deploying new business processes and technologies
- Basic understanding of network scanning and intrusion detection products
- Build relationships
- Develop people
- Lead change
- Inspire Others
- Think critically
- Communicate clearly
- Create accountability