• Design, implement, and support security tooling across cloud and on-prem infrastructures.
• Perform vulnerability assessments and reviews; facilitating remediation planning, exposure tracking, communicating risk, and reporting on mitigation status.
• Lead the development of security control assessments for common platforms and the implementation of findings from said assessments.
• Facilitate Incident Response activities as a Subject Matter Expert through the Incident Response life-cycle.
• Participate in the administration of security implementations (EPP/EDR, IPS/IDS, SIEM, etc).
• Support the ongoing administration, design and use of the Security Information & Event Monitoring platform, ensuring audit trails, system logs and other monitoring data is reviewed and actionable.
• Support the ongoing administration, design and user of network segmentation tools and underlying concepts.
• Provides security architecture knowledge and design concepts to Information Technology and Development teams.
• Apply or recommend adaptive security measures based on investigative findings and threat monitoring.
• Participate in and coordinates application security reviews, working with third party assessors and application owners to identify and remediate findings.
• Performs second level investigation into user reported threats such as phishing, machine compromise, advanced threats, etc.
• Advise management on best practices, current trends, and pertinent changes in internal/external threats and opportunities for improvement. Presents action plans for implementation and approval.
• Perform threat hunting based on Tactics, Techniques and Procedures (TTPs) and threat reporting from information sharing organizations (US-CERT, FS-ISAC, etc).
• Provide technical expertise to support vendor and project reviews.
• Performs all other duties and special projects as assigned.

• 5-7 years of combined Information Security and Technical Administration Experience.
• Experience with infrastructure and application security controls. This includes both designing and assessing security controls.
• Substantial experience with common information security management frameworks, MITRE ATT&CK, OWASP, CIS, International Standards Organization (ISO) 27001 and IT Infrastructure Library (ITIL).
• Substantial and advanced experience with security information and event management (SIEM) systems.
• Substantial experience with IDS/IPS and other network security platforms.
• Breadth and depth of technical and or functional expertise in security operations and other related areas within information technology departments such as Infrastructure, Engineering, Networking or Development.

Education and/or Training:

• Bachelor’s degree in Computer Sciences, Information Systems or another related field.
• Security Certifications such as CISSP/GIAC/CISA/CISM is preferred.