Insight Global

Senior Security Analyst

Insight Global, CA, United States


Title: Senior Security Analyst

Location: 10060 Goethe Rd Sacramento, CA 95827

Duration: 12-month contract to hire

Salary: $50-$55/hr

Hours: Monday - Friday

  • M + F can WFH

Must Haves:

  • 10+ years of experience in information security
  • Network security
  • SOC Analyst
  • Endpoint management
  • Vulnerability management
  • Cloud security
  • Incident response
  • Programming/scripting
  • Knowledge of control systems, security best practices, security frameworks and security controls, and compensating controls.
  • Bachelor's degree in computer science or related degree from an accredited US College/University.

Day to Day:

  • Internal and External Assessments
  • Performing risk and security assessments for upgrades or newly proposed applications and technologies.
  • Coordinating and performing internal security assessments
  • Coordinating efforts of external security assessments
  • Risk Acceptance Process
  • Evaluating risk acceptance requests and providing options for mitigating controls if needed.
  • System Security Plans - Developing, updating and reviewing System Security Plans
  • Incident Response
  • Developing and updating IRPs (for business and control systems), playbooks, tabletop exercises and simulations.
  • Serving as an incident response team member and coordinating under the Incident Command Structure when appropriate
  • Documenting incidents and after actions
  • Managing after action items
  • Monitoring assets (e.g., servers, computers, devices, networks, applications) for potential security threats and vulnerabilities
  • Working with technical security systems such as SIEM, firewalls, endpoint security, vulnerability management, patch management, PKI, and cloud security management
  • Vulnerability Management - Managing and documenting mitigation efforts for identified vulnerabilities from security assessments, alerts/advisories, or other means—from start to finish. This includes the process of risk acceptance for any critical vulnerabilities not meeting the timeline to mitigate or unable to be mitigated.
  • Developing, deploying, and supporting security policies, standards, guidelines, and procedures to ensure ongoing security compliance.
  • Working knowledge and technical-level understanding of cloud security strategy. Cloud security certification is a bonus.
  • Working knowledge and proficiency in networking, domain administration, PAM, DLP, MFA, SOC applications, SIEM applications
  • Proficient in Python and PowerShell for automation
  • Providing consultation on methods of protecting confidential data and critical systems and networks, on either the business network or control systems networks
  • Working collaboratively with team members, but also able to work effectively with minimal supervision.