Security Analyst/Wisconsin/Government

Under the general supervision of the Chief Information Security Officer, this position is responsible for assisting in the Cloud Security and Incident Response programs.

As the Cloud Security Analyst, the incumbent will be the acting ambassador and senior technical representative for Enterprise Security while engaging with other senior technical leaders throughout the organization in design and implementation of cloud and cloud/hybrid based implementations and solutions.

As the Incident Response Analyst, the incumbent will evaluate and respond to cybersecurity threats, risk, vulnerabilities, and evaluate processes to determine relative risk to the product, system, and organization. This position plays a central role in identifying, evaluating, and monitoring security control enhancements in response to cyber intrusions.

This position also reviews and recommends policy standards, procedures, and guidelines for utilizing corporate security, including tools and methodologies. This support involves multi-platform, multi-operating system implementation in a large, complex, existing professional development environment.

Minimally qualified candidates must have the following:

-Experience responding to Cyber Security incidents
-Experience with Security Architecture and/or Security Engineering
-Experience with Cloud platforms, (platforms may include Amazon Web Services (AWS), Azure, VMware NSX, etc.)

In addition to the above, a well-qualified candidate will also have at least one of the following:

-Experience using data and vulnerability assessment tools to exam systems, ports and applications to ensure a secure IT environment (tools may include Tenable, Qualys, OpenVAS, etc.)
-Knowledge and/or experience with Risk Management and Assessment frameworks (which may include FAIR or NIST RMF, etc.)
-Knowledge and/or experience with audit and compliance requirements (such as PCI, CJIS, HIPPA, etc.)
-Knowledge and/or experience with penetration testing methodology and techniques used to gather information, scan targets and enumerate system information

Tagged on: , , ,