Cyber Security Analyst Engineer Jobs

Minimum of 3 years of experience in an Information Security role conducting information security investigations and related responsibilities

Demonstrated understanding of business processes, internal control risk management, IT controls, audit and related standards

Produce, manage and maintain risk and compliance documentation

Bachelor’s degree (must be from an accredited institution) in Information systems or business related major or equivalent experience required

Security+ Certification or the ability to become certified within 1 year required

Effective interpersonal, written and verbal communication and relationship-building skills

Experience with Network, application, S-SDLC implementations as well as Operating Systems security controls

Key responsibilities include, but not limited too:

Implementing and analyzing the results of bi-monthly penetration tests, design reviews, source code reviews and other related tests.

Understanding of Cyber Security Frameworks (such as NIST, ISO, CIS, SOC, etc..)

Cyber Security Analyst - Pennsylvania - $120,000 - Industry Leading Pharmaceutical Firm

Exciting Cyber Security Analyst opportunity with a leading Pharmaceutical company based in Pennsylvania.

Participating in the change management process

Testing and identifying network and system vulnerabilities

A degree in computer science, IT, systems engineering, or related qualification

2 years of work experience with incident detection, incident response, and forensics

Experience with Firewalls (functionality and maintenance), Office 365 Security, VSX, and Endpoint Security

Strong attention to detail with an analytical mind and outstanding problem-solving skills

4+ years of Cybersecurity experience with the requirements listed under “technologies.”

Experience with the skills listed under “technologies” is what they’ll be looking for vs. certain tools.

Research, draft and edit policies in support of management and security standards.

Support the installation, integration, maintenance, and security of building management systems.

Assist in the day-to-day management of services providers.

Solid understanding of the fundamentals of computer networking and threat management.

Strong Experience with Okta access control and identity management platform.

Prepare and present reports on the status of the firm’s information security posture to management and other stakeholders.

Develop, implement, and maintain information security policies, procedures, and guidelines in accordance with industry best practices and regulatory requirements.

Continuously monitor and analyze the firm’s networks and systems for potential security vulnerabilities, threats, and incidents.

Implement and manage security tools, such as firewalls, intrusion detection systems, encryption, and endpoint security solutions.

Compliance with all applicable regulations and industry standards, including SEC, FINRA, and other regulatory requirements.

Identify, report, and document security vulnerabilities and weaknesses in the organization's security posture.

Relevant industry certifications such as OSCP, GPEN, CEH, or similar.

Proven experience in offensive security, penetration testing, or red teaming.

Excellent problem-solving and analytical skills.

Strong written and verbal communication skills.

Ability to manage multiple projects and priorities simultaneously.

2. Risk Assessment and Management

1. IDIQ Force Area 1 : Cybersecurity, Information Assurance, and Risk Management Services

14. Writing and manage test case/scripts/plans

Type of Contract: Professional Services

Department: United States Department of Agriculture (USDA), Rural Department (RD)

1. USDA Rural Development, 1400 Independence Ave SW, Washington DC, 20250

Effective problem-solving skills and requirements gathering techniques.

Assesses new security technologies to determine potential value for the enterprise. Continuous education and research into new and emergent cyberattack methodologies.

Develop, maintain, and manage policies and plans related to cybersecurity.

Bachelor’s degree in data science, engineering, computer science or related field or equivalent industry training and certifications.

3 to 5 years of experience as a security analyst or related position.

Technical knowledge of enterprise-class technologies such as firewalls, routers, switches, wireless access points, VPNs, and desktop and server operating systems.

Knowledge of incident and problem and change management

Good customer service and relationship management skills.

Application Support experience on a unix platform OR Unix System administration experience who is looking to move into Application Support.

Has experience in Application support

Experience supporting a security product

Familiarity with command prompt, including bash or sh or csh.

• Familiarity with Identity Management (IDM) concepts

Identify potential security vulnerabilities and risks and collaborate with relevant teams to implement appropriate remediation measures.

• Minimum of 2 years of cybersecurity experience

• Certifications such as CompTIA Security+, CISSP, and CEH are a plus

Conduct regular audits and assessments of security controls to ensure compliance and established security policies, standards, and regulations.

Monitor security systems and tools to detect and respond to security incidents and breaches promptly.

MINIMUM REQUIRED EDUCATION AND/OR FORMAL TRAINING, YEARS OF EXPERIENCE, COMPETENCIES, SKILLS AND/ORSPECIFIC KNOWLEDGE

Participating in the change management process.

Testing and identifying network and system vulnerabilities.

Experience with Firewall Security, Cloud Security, Web Applications, Email Gateways, SIEMS and Endpoint Security.

Solid understanding of the OSI model and renowned ports and services (may not be a requirement, but is often preferred)

Strong attention to detail and problem-solving skills

Knowledge of patch management with the ability to assist in deploying patches in a timely manner while understanding the business impact

Document security breaches, assess/analyze to determine impact/scope of the incident and report to management.

Complete Attestation of Compliance on regular basis. Create a plan of action and manage the execution. Provide regular reports to management.

Assist with vulnerabilities scanning and fixes.

Knowledge of firewalls, proxies, endpoint protection

2+ years of experience in cyber security

120k - 160k and negotiable based upon meeting experience and requirements

Work with system and application administrators to address detected vulnerabilities

Deploy and use platform and application vulnerability scanning tools to detect vulnerabilities, assess risk and recommend mitigation activities

Experience with writing bash pearl and/or python scripting

Have 3 to 5 years of experience troubleshooting systems/networks in a large enterprise environment

Have 3 to 5 years of experience deploying and maintaining 2-Tier and 3-Tier applications

Familiarity with IT ticketing or case management solutions

Bachelor’s degree in computer science or a related field, or equivalent experience

A minimum of 1 year of experience in the IT field or a college degree in a relevant discipline

Experience in one or more monitoring zones such as endpoint, network, application, web, cloud, or database

Strong problem-solving and technical skills

Knowledge of networking, endpoint security, cloud security, database security, or documentation

Maintain DR/IR plan runbooks management and support forensic investigations.

Review and manage user and user groups AD access and privileges.

Maintain risk register and manage remediation plans.

Partner with desktop team to deploy and manage FIDO keys for end users.

Review external penetration test and lead/manage remediation efforts.

Hands-on experience with cyber training and awareness is required.

Experience in anomaly detection, data analytics, data leakage, policy development, behavior analytics and log management.

Hands-on experience with UEBA tools (Ex. Securonix, SNYPR etc.) especially in policy and content development, log ingestion, case management and workflows.

Lead design and deployment of solution, manage data ingestion, implementing new functionality to meet business requirements.

Cloud, Networks, Databases, Cryptography, Identity & Access Management, Proxies etc.

Responsible for enabling and maintenance of all data sources and feeds to support the operational requirements of platform and downstream needs.

Manage service parameters around operational incidents and SLAs in partnership with platform service provider/vendors.

Identify security gaps and assess vulnerabilities that could impact the organization’s assets

Manage the expectations of senior-level customers and facilitate presentations/briefings as needed

Conduct reviews and assessments of planning, requirements, design, construction, testing, and implementation deliverables

2 to 5 years of experience in Professional Services at a cybersecurity vendor, SOC/IR experience, or a combination of the two

Familiarity with industry cybersecurity tools to gather and review data and mitigate vulnerabilities

Hands-on experience with any of the following types of technologies: Forescout, Tenable, Axonius

Issue Management; Triage issues to accurately assess and capture them within the GRC tool.

Risk Management: Identify, assess, monitor, and report risks with minimal supervision.

At least 3 years of professional experience in Governance, Risk, and Compliance.

EST or PST candidates only.

Data Security Governance: Conduct data security assessments.

We are seeking a Security Risk /GRC Analyst professional to fill this role.

Conduct thorough assessments of software applications, networks, and systems to identify security vulnerabilities and weaknesses.

Collaborate with cross-functional teams to prioritize and address vulnerabilities based on potential impact and risk.

Provide detailed reports outlining vulnerabilities, including their potential impact and recommendations for remediation.

Stay updated with the latest security threats, attack vectors, and industry best practices to identify and address emerging vulnerabilities proactively.

Participate in designing and implementing security measures to prevent future vulnerabilities.

Collaborate with external partners, vendors, and researchers to exchange information about vulnerabilities and security trends.