IT Security Specialist

Description:

Under general direction, evaluates the adequacy and effectiveness of internal data controls, business and technical processes, and the performance of the organization''s technology platforms to ensure the integrity of the organizations systems and data. Performs security and integrity reviews of the organization''s data or IT systems.

Must Have:

Minimum 2 years hands on experience in at least one (1) of the following areas: o SOC Analyst o Threat hunting o Detection engineering o Network Security engineering Experience in client facing environments including active correspondence via email, instant message, voice/video calls with screen sharing Minimum 2 years experience in active troubleshooting of technical systems including creation of documentation Strong desire to learn, grow, and stay connected to the changing threat landscape Ability to discuss the fundamentals of information security in at least THREE (3) of the following areas: o Governance, Risk, and Compliance (GRC) o Cloud and hosted applications o Containerization o Application security o Network security and Zero Trust Architecture (ZTNA/NetSec) o Endpoint security and OS hardening o Security tooling and reporting automation (leveraging PowerShell/Python/Bash etc. to drive data into reports and dashboards) o Malware analysis/forensic system analysis o Incident response and remediation o Penetration testing of Apps, endpoints, or devices o Cyber Threat Intelligence (CTI) including automation of feeds and processing of incoming alerts/vulnerabilities o Vulnerability Management o

Data Protection Environment:

Nice to Have, ISACA CRISC cert, ISC2 SSCP cert, Hands-on experience with SOAR and other automations, Hands-on experience using common AI models for automation, reporting, or research, Familiar with various NIST frameworks such as CSF 2.0, 800-207, and 800-53, Familiar with

MITREATT&CK

framework, Familiar with OWASP and web application penetration testing, Connections to the larger infosec community