Information Security Analyst
Job Type: Direct Hire
Locations: Philadelphia, PA
Work Setting: Hybrid | Onsite 2 days a week
Compensation: $100,000 - $130,000 | Based on experience
Overview: Our client is seeking a dynamic Senior Security Analyst to collaborate with their IT operations team to safeguard their organization’s data, computer systems, and infrastructure. This role involves thorough analysis, testing, and investigative measures to enhance their cybersecurity infrastructure through essential installations, upgrades, and improvements.
Responsibilities
- Work closely with Information Technology leadership to formulate and refine strategies supporting the organization’s security architecture.
- Collaborate with various business units to integrate security best practices in the design and execution of new initiatives.
- Manage the vulnerability management platform, including configurations, scanning, reporting, and endpoint agent updates.
- Oversee the EDR platform, encompassing event investigations, alert/report design, policy configurations, and endpoint agent updates.
- Partner with the Cloud Engineer and Operations team to ensure Microsoft cloud design and implementation adhere to security best practices.
- Conduct periodic audits to verify the proper installation and operation of EDR and vulnerability scanning applications.
- Monitor SIEM and Microsoft Azure environments for signs of security events and enhance Splunk alerts, reports, and dashboards.
- Lead the response to confirmed security incidents, minimizing business impact, communicating findings, and providing mitigation strategies, forensic analysis, and hardening recommendations.
- Stay informed on external threat intelligence relevant to both the general industry and the legal sector, providing recommendations to safeguard the organization against emerging threats.
- Work with technical operations teams to ensure the effective functioning of security controls like firewalls, MFA, and NAC.
- Prepare reports on security performance metrics, incidents, and other related outputs.
- Coordinate with Risk and Audit teams to address certification tasks and client inquiries promptly.
Qualifications
- Bachelor’s degree in a relevant field (Information Security, Computer Science, etc.) is required.
- Current security certifications are desirable: Security+, CySA+, CISA, or similar.
- 3-5 years of experience as a security analyst or information security engineer.
- Hands-on experience with security software and systems including firewalls, intrusion detection systems, antivirus/EDR software, identity monitoring solutions, authentication platforms, log management, web-content filtering, and vulnerability management systems.
- Experience with Splunk, CrowdStrike, and Qualys software.
- Familiarity with Azure cloud security is a plus.
- Ability to navigate complex IT environments with minimal supervision and collaborate effectively with diverse teams.
- Experience in project task planning, execution, and documentation.
- Strong verbal and written communication skills.