GDI Infotech is hiring: Cyber Security Analyst in Troy
GDI Infotech, Troy, MI, United States
Senior Cyber Security Analyst
Troy Michigan - Hybrid must live in the area and be able to commute.
US Citizen ONLY
Job Summary:
The Senior Cyber Security Analyst will protect the organization from cyber-attacks by monitoring the information technology systems and evaluating threats as they arise. The role will also support in the implementation and management of the cyber security program, data loss prevention, vulnerability assessments, incident management, and implementing/managing security tools.
As Senior Cyber Security Analyst, you will:
- Develop information security program and implement NIST-800-171/CMMC Framework.
- Manage (SSP) system security plan, (POAM) plan of action and milestone, and update (SPRS) Supplier performance risk system score.
- Lead MS365/O365 security & compliance implementation by ensuring security requirements are satisfied and help adjust policy as needed.
- Manage the SIEM solution and identify, triage, and assist in remediation of cyber security alerts.
- Define technical and business processes and policies related to data protection strategies, as well as implementing DLP solutions to provide security, privacy, and integrity.
- Perform vulnerability assessments and assist in remediation, and interface with technical teams to advocate for appropriate remediation responses.
- Audit endpoint & server patching processes to identify gaps and work with technical teams to resolve issues.
- Conduct network/host monitoring and intrusion detection analysis using various tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), firewalls, SIEM, NAC, EDR, DLP, Cisco Umbrella, and host-based security tools.
- Lead in conducting security incident investigations, act as a security subject matter expert during cyber incident response and collaborate with technical teams to assure incident(s) is/are resolved.
- Monitor the corporate network for vulnerabilities, security threats, and breaches and work to remediate anomalies/breaches.
- Research the latest cyber security trends and apply knowledge as necessary.
- Lead cyber security education and simulated phishing tests.
- Work with 3rd party security vendors such as an MSSP (Managed Security Service Provider).
- Work with Cyber Security/IT personnel throughout **GDI InfoTech**.
Minimum qualifications to be considered:
- Must be a U.S. Citizen.
- Must be able to secure and maintain a Department of Defense security clearance.
- Bachelor’s degree in computer science, computer engineering, or a related field.
- Minimum 5 years of experience managing a security information and event management (SIEM) system or other cybersecurity-related monitoring solutions and driving remediation based on SIEM outputs.
- Minimum 5 years of experience managing vulnerabilities, patch management, and remediation.
- Minimum 5 years of experience with cloud-delivered commercial and government-based solutions such as Microsoft M365-E5/Azure, and experience with IT backup and disaster recovery systems.
- Working knowledge of NIST Framework, MS-365 Security & Compliance, DLP, SIEM, CrowdStrike, Cisco Umbrella, Incident management, TCP/IP (Transmission Control Protocol/Internet Protocol), OSI (Open Systems Interconnections) Model, DNS (Domain Name System), and DHCP (Dynamic Host Configuration Protocol).
- Working knowledge of firewalls, switches, servers (Windows, LINUX), and databases.
- Understanding and proficiency with SAN (Storage Area Network) and NAS (Network Attached Storage), Local Area Network (LAN), and Wide Area Network (WAN) concepts and configurations such as routing, cabling, VPN (Virtual Private Network), and ISPs (Internet Service Providers) options and capabilities.
- Ability to act effectively as a technical resource in annual disaster recovery testing initiatives.
- Excellent communication skills including ability to interact effectively with customers, vendors, and team members and strong leadership and organizational skills.
A successful candidate may also have:
- Master’s degree in business, information technology, or a related field.
- Minimum 5 years of professional experience supporting, securing, and maintaining networks, servers, and cloud environments.
- Certification(s) in information security such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), etc.
- Experience with system installation, configuration, and analysis and capacity planning and performance monitoring techniques and tools.
- Working knowledge of network performance monitoring solutions such as SolarWinds or Nagios.
- Knowledge of project management and diagramming and vector graphics applications such as Microsoft Project and Microsoft Visio, respectively.