SECURITY - Junior

Job Description

Contract term: 3 year contract
Work model:
Hybrid, least 2 days a week near Union Station; 7 hour days
1.0 Description of Assignment
The candidate will defend against cybersecurity incidents and identify, analyze, communicate and contain incidents as they occur.2.0 Skills and Certifications
Mandatory Skills/Certifications

BS or MA in computer science, information security, cybersecurity or a related field

3+ years of experience in IT audit, enterprise risk management, penetration tester, red team/incident responder, or as a junior security operations analyst.

3+ years of experience with regulatory compliance and information security management frameworks (such as International Organization for Standardization [IS0] 27000, COBIT, National Institute of Standards and Technology [NIST] 800)

Certificates such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM)

Other Skills/Certifications

Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one

An ability to effectively influence others to modify their opinions, plans or behaviors

An understanding of organizational mission, values, goals and consistent application of this knowledge

Strong problem-solving and troubleshooting skills

3.0 Assignment Duties

Conduct network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls and host-based security systems

Conduct log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources

Deploy cloud-centric detection to detect threats related to cloud environments and services used by the organization

Correlate activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous activity

Review alerts and data from sensors, and documents formal, technical incident reports

Work with threat intelligence and/or threat-hunting teams

Provide network subscribers with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary

Support the creation of business continuity/disaster recovery plans, including conducting disaster recovery tests, publishing test results and making changes necessary to address deficiencies

Work with security information and event management (SIEM) to manage/tune the system, create/manage the detection content and actively watch for alerts

Correlate network, cloud and endpoint activity across environments to identify attacks and unauthorized use

Research emerging threats and vulnerabilities to aid in the identification of incidents

Provide users with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary

Perform security standards testing against computers before implementation to ensure security

4.0 Deliverables
Deliverables include:

Identifying, deploying, configuring, and managing security infrastructure.

Addressing Support Tickets