Security Analyst

Vertilocity Job Description

Job Title: Security Analyst

Overview Of Position

We are seeking a dynamic and experienced Security Analyst to join our team. The ideal candidate will possess a strong background in IT consulting, with expertise in analyzing business processes, identifying software solutions, and implementing technology-driven strategies to meet client needs. The Security Analyst will be responsible for protecting an organization's computer systems, networks, and data from cyber threats. They monitor systems for security breaches, investigate violations, implement security measures, and respond to incidents. The role involves assessing and maintaining security policies, tools, and strategies to safeguard information.

We want you to excel in your career as part of a dynamic team, and we provide the support and resources to help you succeed. The breadth and depth of experience we offer you is unique in the marketplace. If you want a career in a leading-edge field and want to be involved in work that is critical to people and their businesses, you're the kind of person we're looking for. Vertilocity's team environment offers a dynamic and diverse experience. Here, our team members have the opportunity to engage with various aspects of our clients' technology ecosystems, fostering continuous learning and skill development. We prioritize the growth and advancement of our team members, offering them a career pathway rather than just a job.

Qualifications And Skills

• Bachelor's degree in Computer Science, Information Technology, or related field preferred.
• 2 years of experience in cybersecurity or a related field.
• Experience with Microsoft Windows Server, Microsoft 365, Microsoft Azure Platform, Barracuda Email Defense, Fortinet, SonicWall, Axcient 365, Datto BCDR, Arctic Wolf, Sentinel One, ThreatLocker, Huntress, Perimeter 81, Kaseya Dark Web ID, Cisco DUO, Cisco Umbrella, RapidFire Tools: Network Detective, Compliance Manager GRC, VulScan
• Strong problem-solving, and decision-making abilities.
• Familiarity with threat intelligence platforms and incident response.
• Excellent communication skills to articulate security issues to both technical and non-technical audiences.
• Ability to work in a team and collaborate with various departments.
  
  

Responsibilities:

Incident Response

• Sentinel One/Huntress/Defender for Endpoint Monitoring and Response
• Email Account takeover monitoring and response (Barracuda/M365)
• SIEM Alert Response and coordination with SOC team
• ThreatLocker - Required Application blocked
• Incident investigation (M365/Windows Servers/Firewalls, etc)
• Incident related client communication
  
  

Maintenance/Management

• Firewall Security Configuration And Review
• Create and maintain Best Practices Documentation
• Firewall Firmware updating
• Vulnerability Scanning - Review and response
• VolScan, Sentinel One, Arctic Wolf
• Developing response plan and prioritizing
• Internal and client reporting and follow-up
• KnowBe4:
• Managing training and phishing campaigns for existing clients
• Onboarding new clients and setting up campaigns
• Managing groups and appropriate Training for Very Targeted Individuals
• ThreatLocker - Managing Approved Applications and groups
• Microsoft Windows and Microsoft 365
• Security Best Practices Review
• Active Directory
• Intune/Endpoint
• M365 Security
• M365 Purview (Compliance)
• Create and Maintain documentation on-
• Best Practices
• Recommended baseline configuration
  

Compliance

• Management of Compliance Portals
• Risk Assessment
• Policy and Procedure Review
• Pen Test Review
• Network Assessment
• Controls assessment
• Requirements Assessment (Gap Analysis)
• Evidence gathering
• Developing a Plan of Action
• Written evaluation of Risks
• Evaluation of potential impact of mitigations
• Prioritization of mitigations based on Risk, cost, time to implement, potential impact, etc.
• Presentation of PoA to Client Executives and Technical Decision Makers
• Vendor Technical Review
• Risk Evaluation
• Supply Chain Evaluation
• Privacy Policy Evaluation
• Employee Training and Attestation management
• Deployment of monitoring Tools
• Continuous monitoring of Compliance status
  

Disaster Recovery Testing/Documentation

• Restoring files, folder structure, email from backup tools
• Local and cloud virtualization of backups to validate restoration works and systems function
• Documentation of the process and procedures
• Issues and special directions for each workload
• Required order of operations for restore
• Evidence of testing for Compliance purposes
• Development and maintenance of Disaster Recovery Policies for Client review and approval
• Other duties as required by the needs of the organization.

Physical Requirements:

• Travel is required for this position. (Mostly Local)
• Must be able to lift 50 lbs. and sit for extended periods of time.
  
  

Vertilocity provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.