Information Technology Security Analyst

Only Local and W2 candidate is required

An Information Security Specialist interprets information security policies, standards and other requirements as they relate to internal information system and coordinates the implementation of these and other information security requirements. The Information Security Specialist redesigns and reengineers internal information handling processes so that information is appropriately protected from a wide variety of problems including unauthorized disclosure, unauthorized use, inappropriate modification, premature deletion, and unavailability. The Information Security Specialist will provide highly specialized experience in one or more information, computer, or network security disciplines (e.g. penetration testing, accreditation, or risk assessment and mitigation); develop system security plans, certification and accreditation reviews; analyze and establish processes for comprehensive systems and data protection; assess and mitigate system security threats and risks; perform security audits, evaluation, risk assessments and make a strategic recommendations; and manages, supports, installs and maintains security tools and systems, and tracks security patches and incidents.

The Information Security Specialist will possess knowledge and experience in standard methodologies used in certification and accreditation processes; extensive experience following NIST guidelines in risk assessment and management; conducting vulnerability analysis; developing mitigation plans; and performing penetration testing, password protection testing and application security testing.

Expertise in Cisco ASA, Cisco FirePower, and Palo Alto Networks. Expertise in Next-Generation Firewall (NGFW) capabilities, such as intrusion prevention systems (IPS), application control, and content filtering. Expertise in firewalls in cloud environments (AWS, Azure, GCP, OCI). Expertise in network protocols (TCP/IP, UDP, ICMP, etc.). Expertise in crafting, reviewing, and optimizing firewall rules and policies. Proficiency with firewall log analysis tools and SIEM platforms (Elastic Search, etc.). Proficiency with identifying, analyzing, and mitigating network threats. Proficiency with routing and switching (e.g., BGP, OSPF, VLANs). Proficiency with DNS, DHCP, NAT, and Site-to-Site VPN. Strong understanding of software-defined networking (SDN) and virtual firewalls. Strong understanding of cybersecurity frameworks like NIST and ISO 27001. Strong understanding of regulatory compliance requirements such as PCI DSS and HIPAA. Strong understanding of scripting languages such as Python, PowerShell, or Bash for automating firewall configurations and reporting.

Three (3) years of experience within the last five (5) years in deploying and configuring firewalls in large-scale enterprise environments. - Three (3) years of experience within the last five (5) years in operating cloud-based firewalls and security groups in AWS, Azure, GCP, or OCI. - Three (3) years of experience within the last five (5) years in managing firewalls across multiple sites, including remote configurations. - Three (3) years of experience within the last five (5) years in designing, implementing, and optimizing firewall rule sets based on security best practices. - Two (2) years of experience within the last five (5) years in performing regular audits of firewall policies to reduce rule base complexity. - Two (2) years of experience within the last five (5) years in identifying, analyzing, and mitigating firewall-related issues during security incidents. - Three (3) years of experience within the last five (5) years in deploying hybrid or multi-cloud security architecture projects. - Two (2) years of experience within the last five (5) years in tuning firewalls for performance in high-bandwidth, low-latency environments.