IT Senior Security Analyst

Vienna, VA
Nov 19, 2020
Nov 23, 2020
Full Time
Job Description

Overview

Centurion is proud to be a leading provider of comprehensive healthcare services to correctional facilities, state hospitals, and community mental health centers nationwide. We are currently seeking a full-time IT Senior Security Analyst to join our Corporate Team located in the Tyson's Corner area of Vienna, Virginia.

Available Shift

Responsibilities

The IT Senior Security Analyst will be part of the dynamic security team and responsible for actively monitoring security threats and risks involving client infrastructure. This includes timely review of alerts generated by devices, assessment of the situation, and notification to IT leadership staff. This role works with IT, a compliance team, and vendors to produce effective technical solutions which provide visibility and response efficiencies in support of an intelligence-driven computer network defense and incident responses.

Additional duties include:

* Perform SIEM configuration and monitoring, network monitoring and analysis, threat response, DLP and work with other Information Security tools
* Perform vulnerability and security scans of existing production network components, paths, networks, sub-networks, systems and software as required
* Research new threats and conduct risk assessments and analysis; help develop mitigation plans and concept of operations to support threat and vulnerability analysis
* Write scripts using PowerShell, Perl, Python and Linux Shells with extensive use of regular expressions
* Demonstrate excellent written and verbal communication skills, presentation, and problem solving skills
* Participate in reviews and analysis of projects that have an impact on IT security
* Provide guidance and assistance to the team and act as an escalation point on complex technical issues
* Communicate complex technical concepts and project information clearly and concisely to both technical and non-technical audiences
* Work in an environment with evolving requirements and dynamic schedules
* Inspire cooperation, confidence, and motivation of a team in a stressful environment
* Provide review and progress reports of all Plan of Action and Milestones (POA&M)
* Conduct daily review of ticketing system for required response to incidents, events, actions, and requirements, providing management of assigned actions in accordance with prescribed timelines
* Demonstrate thorough system analysis techniques to resolve technical problems; solve complex problems independently or collaboratively with IT colleagues
* Daily monitoring of infrastructure including network, physical and virtual servers and appliances
* Fulfill routine communication requirements, including system documentation and status reporting and creating/updating procedural documentation
* Utilize Ticketing system to document and manage change requests, client requests and issues
* Document and maintain security procedures
* Continuously improve and document key processes and activities in a Standard Operating Procedures (SOP) format for use by other team members and to enhance efficiencies
* Review and evaluate new technology and make recommendations for use within IT, Corporate, and the company as a whole
* Identify areas for improvement and ways to increase efficiencies including processes, tools, and templates
* Travel 5-20%
* Evenings, weekend and/or holiday work, as needed
* Other duties as assigned

Qualified candidates should have:

* Bachelor's degree in Computer Science, Information Systems or equivalent experience
* 8 years or more of progressively responsible experience working in Information Security or a security focused IT role at a large (5,000+ employee) company
* Advanced technical and security knowledge in specialty such as log analysis, incident response, etc.
* Demonstrated experience with risk and enterprise vulnerability assessments, remediation and incident responses
* Strong understanding of the information security threat landscape, including detailed technical knowledge about the most prevalent vulnerabilities, threats, attack methods, and infection vectors
* Strong knowledge in network monitoring using standards like SNMP, Syslog, etc.
* Demonstrated experience in monitoring and analyzing logs and syslogs, as well as alerts from a variety of tools/technologies like Splunk, network devices, proxies, etc. in a computer network intrusion/detection environment
* Strong understanding of common categories of malware and their characteristics
* Ability to design and set up a sandbox environment for further security investigations
* Strong knowledge of well-known scanning tools such as NMAP, Nessus, TCPDump, Wireshark, Netcat, etc.
* Strong knowledge of identified operating system platforms, routers/switches, network protocols, and network infrastructure
* Strong ability to write scripts (Python, Perl, Linux Shell, PowerShell, etc.) to automate repetitive processes

Preferred Certifications:

* Splunk and/or other monitoring tools certifications
* CEH (Certified Ethica