Sr. IT Security Specialist

Under general direction, evaluates the adequacy and effectiveness of internal data controls, business and technical processes, and the performance of the organization s technology platforms to ensure the integrity of the organizations systems and data. Performs security and integrity reviews of the organization s data or IT systems. Must Have Minimum 3-4 years hands on experience in at least one (1) of the following areas: o SOC Analyst o Threat hunting o Detection engineering o Network Security engineering Experience in client facing environments including active correspondence via email, instant message, voice/video calls with screen sharing Minimum 2-3 years experience in active troubleshooting of technical systems including creation of documentation Strong desire to learn, grow, and stay connected to the changing threat landscape Ability to discuss the fundamentals of information security in at least THREE (3) of the following areas: o Governance, Risk, and Compliance (GRC) o Cloud and hosted applications o Containerization o Application security o Network security and Zero Trust Architecture (ZTNA/NetSec) o Endpoint security and OS hardening o Security tooling and reporting automation (leveraging PowerShell/Python/Bash etc. to drive data into reports and dashboards) o Malware analysis/forensic system analysis o Incident response and remediation o Penetration testing of Apps, endpoints, or devices o Cyber Threat Intelligence (CTI) including automation of feeds and processing of incoming alerts/vulnerabilities o Vulnerability Management o

Data Protection Environment:

Nice to Have

ISACA CRISC

cert

ISC2 SSCP

cert Hands-on experience with SOAR and other automations Hands-on experience using common AI models for automation, reporting, or research Familiar with various NIST frameworks such as CSF 2.0, 800-207, and 800-53 Familiar with

MITREATT&CK

framework Familiar with OWASP and web application penetration testing Connections to the larger infosec community