What are the responsibilities and job description for the Data Security Admin 1 position at Cullerton Group?
Cullerton Group has a new opportunity for a Data Security Admin 1 in Peoria, IL, Nashville, TN, or Dallas, TX. The work will be done onsite three days a week. The rest will be work-from-home. This is a long-term contract. It can lead to permanent employment with our customer. Compensation is $45/hr OT including benefits, vision, dental, health insurance, 401K and holiday pay. Cullerton Group will provide sponsorship.
A typical day for a Threat Protection Team analyst usually revolves around monitoring and responding to security incidents, managing vulnerabilities, and collaborating with team members.
- **Daily CSIRT Meeting:** The day often starts with a daily Cyber Security Incident Response Team (CSIRT) meeting. Analysts discuss ongoing incidents, share updates on previous cases and prioritize tasks for the day. This is a crucial time for knowledge sharing and aligning on strategies.
- **ServiceNow Queue Management:** After the meeting, the analyst checks the ServiceNow queues for any new incidents or requests. This involves reviewing tickets related to security alerts, assessing their priority, and assigning them for investigation or resolution.
- **Vulnerability Remediation:** The analyst reviews vulnerability reports generated by the CrowdStrike platform. They prioritize vulnerabilities based on risk levels and business impact and begin coordinating with IT and development teams to address critical vulnerabilities.
- **Incident Investigation:** Analysts spend a significant part of their afternoon investigating security incidents. This includes analyzing logs, reviewing endpoint data and determining the scope of any breaches or threats.
- **Documentation and Reporting:** As the day wraps up, analysts document their findings and actions taken in ServiceNow. They prepare reports for management and ensure that all incidents are properly logged and categorized for future reference.
- **Follow-up Tasks:** Before finishing for the day, analysts follow up on any unresolved tickets and ensure communication with relevant stakeholders regarding ongoing remediation efforts.
- Support Caterpillar’s Endpoint Detection & Response (EDR) (including Linux/Ubuntu server), Identity Management, Vulnerability Management / Attack Surface Visibility / Response Actions environments.
- Promote automation for monitoring and remediation of client health issues, monitoring of EDR Infrastructure, vulnerability remediation, and aligning to Enterprise ITSM change and control procedures.
- Be a liaison between Corporate Cybersecurity and our business partners to help understand their operations and maintain global security processes, while building collaborative relationships and providing expertise, technical guidance, and security awareness as needed.

Interaction with team:
- Interacting with team lead and some additional support responsibilities.
- 6 team members

Education & Experience Required:
- Degree is a nice to have - weighted a little more*
- 1-3 years experience, someone who is eager to learn and gain experience.

Technical Skills (Required)
- Cloud Services Knowledge / Experience
- Ubuntu Operating System Experience
- Experience with Host Group, Prevention Sensor, and Policy Configuration
- Experience using and/or maintaining commercially available Endpoint Detection and Response (EDR)/Extended Detection and Response (XDR) tools.
- Experience supporting Kernel level security solutions.
- Exposure to SQL, PowerShell or Python Scripting, Command Line Interfaces
- OS Administration: Windows, MacOS (command line, services, data manipulation, installation, and system operation)
- Experience with Windows/macOS Frameworks and events relevant to security.
- Remote Administration Tools
- Help Desk/Break Fix/Desktop Support Experience
- Installing/Removing/troubleshooting MSI packages
- ServiceNow Experience
- Automation Solutioning & Experience
- Technical Certifications: SANS, CompTIA, or MS Certs

Soft Skills (Required)
- General understanding of business operations and IT/Technology processes
- Adaptability to work in a varied, fast paced, ever changing global environment.
- Ability to participate in 24x7 On-Call rotations.
- Team player – able to communicate, collaborate, and work effectively in a regionally distributed team.
- Experience in maintaining system documentation in an enterprise tool (i.e. SharePoint, OneNote, etc.) for group dissemination

Salary: $45