Sr Information Security Analyst
Job Location:
Philadelphia, PA - USA
Monthly Salary:
Not Disclosed
Posted on:
2 hours ago
Vacancies:
1 Vacancy
Job Summary
Local or semi-local candidates preferred.
Qualifications:
Required
- 5 years of relevant information security experience (or 3 years of IT systems administration with 2 years of security responsibilities).
- Cloud security experience with GCP or Azure and sound knowledge of cloud security frameworks.
- Expertise in incident response, system monitoring/analysis, and risk assessments aligned with compliance and privacy laws.
- Experience with compliance requirements: HITRUST, PCI, NIST, HIPAA, SOC 2.
- Experience across multiple platforms: Windows, Linux/Unix, macOS; networks and endpoints.
- Experience with vulnerability assessment and penetration testing engagements.
- Experience with change management and project management.
- Excellent technical writing and presentation skills; ability to translate technical risk to business impact.
Preferred
- CCSP preferred; other relevant certifications: AZ-500, AWS Certified Security - Specialty, GCP Professional Cloud Security Engineer.
- Experience securing Azure, AWS, and GCP in enterprise/hybrid environments.
- Familiarity with NIST CSF, ISO 27001, CIS Benchmarks, MITRE ATT&CK.
- Automation scripting experience a plus.
Responsibilities:
Cloud & Enterprise Security (SME)
- Serve as SME on security fundamentals, techniques, and technologies across Azure, AWS, GCP, and on-prem environments.
- Guide cloud security architecture: IAM, encryption/key management, network controls, data protection, workload hardening.
- Implement process improvements aligned to security frameworks (NIST CSF/800-53, ISO 27001) and business needs; optimize technology to improve customer experience.
Security Operations & Incident Response
- Implement and monitor controls for unusual and suspicious activity across endpoints, networks, and cloud platforms.
- Perform advanced monitoring, data/log analysis, threat hunting, and forensic investigations; contribute to SOC/IR workflows.
- Plan, contribute to, and participate in incident response plan exercises and tabletop scenarios.
Governance Risk & Compliance (GRC)
- Draft or revise local policies, standards, guidelines, and procedures to supplement enterprise frameworks; identify and remediate gaps based on NIST standards.
- Interface with internal/external auditors and examiners; maintain vendor management standards, questionnaires, and regulatory documentation (HITRUST, PCI, NIST, HIPAA, SOC 2).
- Review contracts and provide security guidance; support project scoping, costing, and cost-benefit analyses.
Stakeholder Engagement & Communication
- Act as a liaison for the security team; clearly communicate business risk as it relates to information security.
- Create technical documentation (reports, white papers, technical notes, implementation/configuration guides).
- Use visual aids to convey complex topics to large, diverse audiences; communicate clearly in high-pressure, high-visibility situations.
Continuous Improvement
- Recommend new security solutions and improvements that do not impede innovation.
- Stay current with the evolving threat landscape; consistently learn and grow to remain a step ahead of attackers.
Technical Expertise
Cloud Security (Azure, AWS, GCP)
- GCP: IAM, Security Command Center, Cloud Audit Logs, VPC Service Controls, CMEK/Cloud KMS, Cloud Armor, Workload Identity; container security (GKE).
- Azure: Defender for Cloud, Microsoft Sentinel, Entra ID (formerly Azure AD), Conditional Access, Key Vault, NSGs/Azure Firewall, storage encryption, Defender for Endpoint integration.
- AWS: IAM roles/policies, Security Hub, GuardDuty, KMS, CloudTrail/CloudWatch, VPC security controls, AWS WAF, Secrets Manager. (AWS experience is not required.)
Additional Technologies
- Operating Systems: Linux, Windows Server, Windows Desktop; hardening, patching, CIS Benchmarks.
- Forensics & eDiscovery: Symantec, Purview, Proofpoint; email/file discovery; incident response.
- Network & Perimeter: Palo Alto firewalls (URL filtering, DNS blackhole/geo filtering, WildFire); F5 Advanced WAF (AWAF).
- SIEM & Logging: Microsoft Sentinel, MDE, Elastic; endpoint management/log forwarding; Microsoft Data Lake, Cribl.
- Vulnerability & AppSec: Qualys, NexusIQ; OWASP-aligned testing and remediation.
- Endpoint: Microsoft Defender, Microsoft ATP/Defender for Endpoint.
- Identity & MFA: Okta, Microsoft Entra ID MFA.
- Core Services: DNS zone management; network micro-segmentation; zero-trust-aligned controls.
- Secure Productivity: Securing Microsoft 365 (Exchange Online, SharePoint/OneDrive, Teams, Purview).