What are the responsibilities and job description for the Information Security Specialist position at Stanley David and Associates?
Description
Job Title - Information Security Specialist
Mandatory Requirements
Must be a United States citizen.
Office location: New Jersey.
Schedule: Rotating shifts, including weekends.
SIEM Operations: Minimum of 2 years of relevant experience in security investigations.
SIEM Administration: At least 1 year of experience in SIEM administration.
Experience with the following technologies: SIEM (security information and event management), DLP (data loss prevention), EDR/EPP (endpoint detection and response / endpoint protection platform), and CASB (cloud access security broker).
Technical Skills Requirement
Comprehensive threat detection and investigation
Identify security threats such as phishing and ransomware
Understanding of proxies and firewalls
Authentication methods: Active Directory, TACACS, RADIUS, MFA
MS Office suite (Excel, PowerPoint, Teams, Word)
Operating system management, tooling, and navigation on Windows and Linux
Strong analytical and observational skills for understanding security issues
Understanding of IP services: DNS, NTP, SFTP, SSH, Syslog, TACACS, RADIUS
Preferred Skills
Scripting: Python, PowerShell, Bash
Regular expressions (regex)
Technical writing and presentation skills
Role Summary and Work Tasks
Security Operations
o Attend morning, evening, or night meetings, depending on the shift schedule, to provide daily functional updates and insights.
o Monitor security alerts, perform initial technical analysis, and escalate issues to the next tier.
o Receive incidents and perform in-depth analysis, correlating them with threat intelligence to identify the threat, the nature of the attack, and the systems or data affected.
o Determine the strategy for containment, remediation, and recovery, and take the necessary actions accordingly.
o A strong understanding of the MITRE ATT&CK framework is required.
SIEM Administration
o Provide daily reports on hardware, software, and application utilization trends.
o Add, remove, and troubleshoot log sources.
o Create and enhance use cases.
o Collaborate with the local engineering team to identify and reduce false positives.
o Work with vendor (OEM) support when needed.
o Optimize license capacity by monitoring utilization reports across various platforms.
General Requirements
o Stay informed about the latest security threats, trends, and technologies through ongoing learning and training.
o Share knowledge and best practices with colleagues to strengthen the overall security posture of the organization.
o Ensure that security operations comply with relevant industry standards, regulatory requirements, and organizational policies. This may include assisting in compliance assessments and audits, as well as implementing measures to address any compliance gaps.
o Participate in regular reviews and assessments of Security Operations Center (SOC) processes, procedures, and technologies to identify areas for improvement. Implement enhancements to optimize the efficiency and effectiveness of security operations.
Education
The position requires a bachelor's degree in computer science, engineering, or cyber security, or the equivalent of two years of experience in information security operations.