Information Security Analyst II

Position Purpose :

Performs highly complex (senior-level) work. Implements, upgrades, and monitors security measures for the protection of the Information Technology networks, systems and information, and acts as a first line responder to security events and incidents. Works under limited supervision, with moderate latitude for the use of initiative and independent judgement.

Essential Responsibilities :

• Manages vulnerability management program using Rapid7 InsightVM, maintains security baselines using CIS Workbench, and performs compliance scanning with CIS CAT-Pro. Duties include performing scans, maintenance of the platform, analysis of vulnerabilities for criticality and devising and implementing remediations.
• Manages and analyzes output from various security tools to include, but not limited to : Vulnerability Management, EDR / XDR, SEIM / SOAR, Email Security Gateway, and WAF.
• Plans and performs technical analysis with a variety of Information Security tools and techniques to identify, analyze and resolve security threats, vulnerabilities, events, and incidents. Creates and tunes alerts and configurations.
• Consults and works with internal and external stakeholders to remediate or mitigate security vulnerabilities, events, and incidents

Minimum Qualifications

Education

• Bachelor's degree from an accredited college or university
• Additional experience in an information technology system and network role or other related areas may be substituted for Bachelor's degree on a year per year basis. (Experience requirements may be satisfied by full-time experience or the prorated part-time equivalent.)

Certification

• Professional security certification, such as GIAC Security Essentials Certification (GSEC), Systems Security Certified Practitioner (SSCP), Certified Information Security Systems Professional (CISSP), CompTIA CYSA , or CompTIA SecurityX (Formerly CASP )

Experience

• Three (3) years in an information technology systems and network or related role
• Three (3) years in information security or support of an information security

Benefits

TMF offers an excellent benefits package, including :

• Medical, dental, vision, life, accidental death and dismemberment, and short and long-term disability insurance
• Section 125 plan
• 401K
• Competitive salary
• License / credentials reimbursement
• Tuition Reimbursement

EOE Minorities / Females / Vet / Disability

Equal Opportunity Employer / Protected Veterans / Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)