Job Information
Insight Global Remote Security Admin in Seattle, Washington
Job Description
A client is looking for a Senior Information Security Analyst to join their Information Security Team. You will play a key role in Information Security working with IT, Infrastructure, Platform, and Engineering Teams. The right individual for this role will be experienced with Vulnerability Management, Endpoint Protection, Security Monitoring, and Incident Response. If you thrive by working in a fast-paced environment and driving security practices across multiple functions, consider this opportunity as the next level in your professional development. Roughly 50% of this role will be spent in vulnerability management, 30% responding to tickets or escalations through a 3rd party SOC or EDR, and 20% doing ad hoc tasks like work in BeyondTrust, incident creation and investigation.
· Work with multiple teams and departments to implement secure practices and processes.
· Support vulnerability scanning and security monitoring of cloud platforms and services.
· Collaborate with Technical Teams to establish Continuous Monitoring practices.
· Identify vulnerabilities in vendor products and manage risk mitigation and remediation efforts.
· Coordinate with Technical Teams to develop and implement a patching strategy.
· Standardize vulnerability reporting and define Service Level Agreements (SLAs) for patching.
· Maintain SIEM infrastructure and develop correlation rules for enhanced threat detection.
· Support and expand DLP processes, including system monitoring and tuning.
· Optimize and configure AV and EDR systems, including rules and tuning.
· Configure and fine-tune O365 security settings to align with organizational standards.
· Assist in developing Incident Response processes, including training and testing.
· Act as a point of escalation for handling security incidents and policy violations.
· Document incident response playbooks and train technical teams on procedures.
· Prepare incident reports and conduct root cause analyses.
· Assist with audits, including SOC2 and TX-RAMP compliance.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/
Skills and Requirements
3+ years of security experience (6+ in IT in general)
Experience with vulnerability scanning tools (Tenable, Qualys, or Nexpose)
Skilled in CVE, CVSS, and CWE systems to prioritize and rank vulnerabilities
Able to provide mitigation and remediation strategies for vulnerabilities and software weaknesses
Knowledge of Data Loss Prevention approaches and remote access architectures
Proficient with threat intelligence feeds and sources
Experience with Privileged Access Management solutions like BeyondTrust or CyberArk
Skilled in installing, configuring, and tuning system monitoring tools (auditd and Sysmon)
Experience supporting and optimizing SIEM platforms (Sumo Logic, Splunk, or Elasticsearch)
Proficient in policy creation and tuning for EDR platforms like Sophos and CrowdStrike
Knowledge of incident response procedures, including evidence preservation and chain of custody
Ability to analyze security events/incidents and determine root causes using logs and other tools
Certifications
SaaS experience
Experience using MITRE ATT&CK framework for identifying tactics, techniques, and procedures
Familiar with STIX and TAXII standards and related tools
Understanding of Information Assurance and Data Classification strategies related to DLP
Experience implementing File Integrity Monitoring solutions like OSSEC and Tripwire
Familiar with O365 security configurations and tuning