Security Analyst SME in Charlotte, NC at Signature Consultants

Date Posted: 3/23/2020

Job Snapshot

Job Description

Security Analyst SME Summary:

Signature Consultants is seeking a Security Analyst SME for a 2-3 year opportunity with a client in Charlotte, NC. The Cybersecurity Threat and Vulnerability Analyst is responsible for identifying, analyzing, prioritizing, and eradicating cyber threats and vulnerabilities across the environment. The Cybersecurity Threat & Vulnerability Analyst position will utilize tools leveraged by the Threat & Vulnerability Management team to perform vulnerability assessments and monitoring in accordance with company standards in support of the client's ITOT program. This role will be responsible for performing vulnerability assessments and monitoring for configuration changes on OT program assets as well as analyzing and tracking remediation of OT vulnerabilities.

Employees at this level are expected to execute daily tasks with little supervision, solve complex problems, and provide leadership to others on areas of specialization. They are also expected to have advanced skills such as threat and vulnerability analysis, and have the ability to work independently to create and implement work products and initiatives.

  • Utilize tools which perform vulnerability analysis or configuration monitoring to evaluate the security posture of IT and OT assets.
  • Develop and maintain comprehensive technical, process, and administrative documentation.
  • Perform compliance procedures for in-scope devices as required by regulations.
  • Configure and maintain reports, rules, tasks, jobs, and objects within vulnerability and integrity management applications to promote compliance with regulatory requirements.
  • Request and track mitigations to address cyber vulnerabilities, specifically those related to OT systems, and support other coordination and remediation activities.
  • Work with internal stakeholders and business units to identify asset owners and develop remediation plans and vulnerability reports.
  • Perform risk assessments of identified vulnerabilities to determine and communicate necessary response actions required based on assessed level of threat.
  • Develop risk mitigation strategies to resolve vulnerabilities and recommend security changes to system or system components as needed.
  • Develop and improve processes and metrics to advance and mature the threat and vulnerability management function.
  • Lead initiatives to improve the threat & vulnerability management function and promote best practices for remediating cyber threats and vulnerabilities.

Basic/Required Qualifications:

  • Bachelor's Degree in Cybersecurity, Computer Science, MIS or other degrees with high level understanding of network and application security and information systems.

OR

  • (in lieu of degree) 9+ experience in Cybersecurity, preferably with threat and vulnerability, security operations center, military information security, and/or system administration role
  • 5+ years' experience in Cybersecurity, preferably with performing research on threat and vulnerabilities and utilizing vulnerability assessment tools
  • Experience in Cybersecurity, preferably with performing research on cyber threats and vulnerabilities and utilizing vulnerability assessment tools.

Desired Qualifications:

  • Extensive experience supporting, implementing, and enhancing vulnerability management tools.
  • Experience researching and assessing cyber threats and vulnerabilities
  • Knowledge of telecommunications fundamentals and common networking and routing.
  • Knowledge of NERC CIP regulations and requirements.
  • Knowledge of Operational Technology and SCADA systems and devices
  • General networking understanding and/or experience to include Understanding of TCP/IP communications & knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB.
  • Windows and UNIX/Linux command line scripting experience and programming experience (Python, Powershell, etc).
  • Demonstrated ability to facilitate meetings and provide direction to others.
  • Demonstrated capability to work with little to no management oversight and must have strong personal initiative.
  • Possession of multiple industry standard certification such as SANS GIAC/GCIA/GCIH/GCFA, CEH, CISSP, CISA, etc. or other network / system security certifications specific to vulnerability management tools.
  • Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists
  • Ability to function effectively in a dynamic, fast paced environment
  • Ability to research independently, multi-task, and meet deadlines under tight timeframes
  • Ability to develop and maintain good working relationships with internal and external business partners
  • Experience with writing and editing technical documentation and operational procedures
  • Experience in developing and improving work processes
  • Demonstrated effective problem solving & analytical skills
  • Innovative - ability to recognize and seek improvement and efficiency opportunities
  • Demonstrated commitment to training, self-study and maintaining proficiency in the technical cybersecurity domain
  • Knowledge of cybersecurity domains, security practices, and cyber defense models, such as the Cyber Kill Chain® methodology & MITRE's ATT&CK Framework®

About Signature Consultants, LLC

Headquartered in Fort Lauderdale, Florida, Signature Consultants was established in 1997 with a singular focus: to provide clients and consultants with superior staffing solutions. For the ninth consecutive year, Signature was voted as one of the "Best Staffing Firms to Work For" and is now the 14th largest IT staffing firm in the United States (source: Staffing Industry Analysts). With 28 locations throughout North America, Signature annually deploys thousands of consultants to support, run, and manage their clients' technology needs. Signature offers IT staffing, consulting, managed solutions, and direct placement services. For more information on the company, please visit www.sigconsult.com. Signature Consultants is the parent company to Hunter Hollis and Madison Gunn.

We are unable to sponsor or transfer visas at this time.