This role is responsible for day-to-day information security operational functions. These responsibilities include real-time monitoring, analysis, and resolution of security events from multiple sources. This position is heavily focused on three aspects of threat and vulnerability management. The first is to manage and maintain the File Integrity Monitoring (FIM) and Endpoint Security systems. The scope of the vulnerability management process includes data, application, and infrastructure vulnerabilities, and will be facilitated by a combination of manual processes and vulnerability management tools (listed below). The second aspect is to ensure that such vulnerabilities are prioritized and remediated by the appropriate operations team. This objective will require heavy cross-functional interaction to clearly communicate vulnerability risk posture to all operations and software development teams. The candidate will be required to create vulnerability management reports on a regular basis and present the information to multiple types of audiences. The final aspect of this role requires mid-level knowledge of security monitoring: analyzing IPS reports, firewall logs, vulnerability alert systems, and operating system, database, and application framework patch levels.
- Working level knowledge of File Integrity Monitoring tools like Tripwire
- Working level knowledge using Endpoint Security tools similar to Carbon Black Protection
- Working level knowledge using Security Information and Event Management Tools like Splunk Core & ES
- Working level knowledge using Network Vulnerability Assessment tools like Rapid7 – Nexpose
- Working level knowledge using Application Vulnerability Assessment tools like Burp Suite or a similar tool set
- Working level knowledge of Windows and UNIX/Linux server operating systems
- Experience with penetration testing tools like Metasploit and/or similar security frameworks
- Experience with the process lifecycle of creating, managing, and ensuring compliance with security policies, procedures, standards, and guidelines
- Experience with the processes of identifying appropriate controls to comply with security policies and regulations
- Experience producing threat and compliance reports for a wide variety of audiences (technical and non-technical)
- Excellent communication and analytical skills
- Must work well with others as part of a larger team and be able to collaborate on cross-functional teams
- Must be available and willing to work extended and/or alternative hours as needed for issue resolutions, roll-outs, system upgrades, etc.
- Able to work independently toward goals set at a higher level
"I invite you to call me directly, and discuss your career opportunities today. My daily goal is to have empowering conversations with our candidates, and listening for what can make a difference for you. My contact number is 407-363-0024." Steven Ragan, IT Delivery Manager, SRagan@ABTSolutions.com