
Staff IT Security Analyst
WGU Advancement
full-time
Location Type: Office
Location: Salt Lake City • North Carolina, Utah • 🇺🇸 United States
Salary
💰 $140,200 - $217,200 per year
Job Level
Lead
Tech Stack
AWS, Cloud, DynamoDB, EC2, Python, SDLC, ServiceNow
About the role
- Performs stand-up and development of toolsets that perform real-time, automated configuration and control of cloud-based services and software-defined infrastructure.
- Leads the development of Security Content and Use Case Development.
- Develops alerting aligned to the MITRE ATT&CK Framework.
- Reviews and develops security checks that provide continuous security and compliance within AWS and additional cloud platforms.
- Works with developers as part of the Software Development Life Cycle.
- Maintains responsibility for automation and software delivery of security tools using Continuous Integration/Continuous Development processes.
- Completes requirements gathering and specification, development of architecture diagrams, and integration with additional tools (ServiceNow).
- Ensures proper data points are captured and accounted for when calculating risk.
- Architects, designs, builds, and delivers cloud threat analytics by leveraging cloud log correlation, AI & machine learning engines.
- Architects and builds data security solutions such as DLP, and encryption in transit/rest.
- Conducts ROI and gap analysis for potential and existing products.
- Problem-solves in a complex demanding environment by drawing on a pool of technical experience, business understanding, and good judgment.
- Works individually and with the security teams to define security requirements, track security specific issues/concerns, provide security solutions, communicate identified vulnerabilities being introduced into the environment, and identify exceptions to policy.
- Leads the development of enterprise-wide designs as well as researches, develops, and recommends architectural policies and practices for current and future initiatives from definition phase through implementation.
- Manages internal Security projects that require little assistance from other groups. This includes writing requirements, managing the procurement process, initial installation and configuration, and overseeing the entire project lifecycle.
- Researches, evaluates, and stays current on emerging tools, techniques, and technologies.
- Acts as team lead when necessary, working side-by-side with other personnel in an advisory, support, and training role.
- Manages multiple simultaneous projects and tasks that involve different team members.
- Builds a Cloud and Data Security platform roadmap.
- Architects and leads implementation of risk mitigation tools and security tools for cloud migration and cloud infrastructure.
- Builds and maintains relationships across the University to promote cloud security initiatives.
- Researches and deconstructs cyber-attacks into sequenced Indicators of Compromise (IOC) detectable through network device logs.
- Creates abstract rules to detect network intrusions based on IOCs.
- Conducts open-ended analysis of large data sets to find network activity baselines and abnormalities.
- Designs and implements SOAR functions to automate compliance enforcement, security configuration management, and malicious activity remediation.
- Identifies gaps in the University’s security model and suggests solutions, including tools and processes.
- Engages with security architects to capture design requirements for cloud architectures and implementation strategies.
- Creates new processes and identifies new threats and mitigation strategies.
- Identifies and provides training opportunities for Cloud and Data Security staff related to technical issues.
- Researches latest threats including techniques used by individuals exploiting these vulnerabilities and threats.
- Performs other job-related duties as assigned.
Requirements
- Bachelor's Degree in IT Security, Computer Science, Engineering, or related field
- 7 years of Information Security experience, including understanding of all security domains
- Hands-on experience implementing MITRE ATT&CK Framework
- Working experience creating, designing, and implementing SIEM content security rules to detect malicious, suspicious, and/or abnormal events
- Hands-on experience maintaining cloud resources using infrastructure-as-code (CloudFormation, CDK, etc.)
- Expert scripting language experience (Bash, Python, etc.) with strong working knowledge of automation
- Experience with open-source security tools (e.g. Kali, Nessus, Fortify, AppScan, Nexpose, SAINT, Burp, Nmap, Metasploit, Meterpreter, Wireshark, Kismet, Aircrack-ng, Eramba, etc.)
- Hands-on experience with AWS APIs, Lambda, DynamoDB, EC2, VPC, CloudFront, CloudTrail, CloudWatch, IAM
- Relevant security certifications (CISSP, GIAC, ISACA, CEH, etc.)
Benefits
- Eligible for bonuses
- Medical, dental, vision, telehealth and mental healthcare
- Health savings account and flexible spending account
- Basic and voluntary life insurance
- Disability coverage
- Accident, critical illness and hospital indemnity supplemental coverages
- Legal and identity theft coverage
- Retirement savings plan
- Wellbeing program
- Discounted WGU tuition
- Flexible paid time off for rest and relaxation with no need for accrual
- Flexible paid sick time with no need for accrual
- 11 paid holidays
- Other paid leaves, including up to 12 weeks of parental leave
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cloud-based services, software-defined infrastructure, Security Content Development, MITRE ATT&CK Framework, AWS, Continuous Integration, Continuous Development, data security solutions, scripting languages, infrastructure-as-code
Soft skills
problem-solving, leadership, communication, project management, team collaboration, training, relationship building, analytical thinking, adaptability, attention to detail
Certifications
CISSP, GIAC, ISACA, CEH