Description
Our client is looking for an IT Security Specialist to evaluate the adequacy and effectiveness of internal data controls, business and technical processes, and the performance of the organization's technology platforms to ensure the integrity of the organization's systems and data.
The candidate will perform security and integrity reviews of the organization's data or IT systems.
Interview Method
Webcam and On-site (3 rounds - 2 onsite)
Schedule
NOTE: Schedule for this position will be hybrid.
At least 2 days on site in Waterford, MI (Tuesday & Thursday).
We can accept H1b, H4, TN and other valid work visas for IT.
However we cannot accept OPT or CPT visas at this time.
Skills Required
2+ years - Hands on experience in at least one (1) of the following areas: SOC Analyst, Threat hunting, Detection engineering, or Network Security engineering
2+ years - Experience in active troubleshooting of technical systems including creation of documentation
Experience in client facing environments including active correspondence via email, instant message, voice/video calls with screen sharing
Strong desire to learn, grow, and stay connected to the changing threat landscape
Ability to discuss the fundamentals of information security in at least THREE (3) of the following areas
Governance, Risk, and Compliance (GRC)
Cloud and hosted applications o Containerization
Application security
Network security and Zero Trust Architecture (ZTNA/NetSec)
Endpoint security and OS hardening
Security tooling and reporting automation (leveraging PowerShell/Python/Bash etc.
Drive data into reports and dashboards)
Malware analysis/forensic system analysis o Incident response and remediation
Penetration testing of Apps, endpoints, or devices
Cyber Threat Intelligence (CTI) including automation of feeds and processing of incoming alerts/vulnerabilities
Vulnerability Management
Data Protection
Experience with CrowdStrike
Hands-on experience with SOAR and other automations
Hands-on experience using common AI models for automation, reporting, or research
Familiar with various NIST frameworks such as CSF 2.0, *******, and ******
Familiar with MITREATT&CK framework
Familiar with OWASP and web application penetration testing
Connections to the larger infosec community
ISACA CRISC certification
ISC2 SSCP certification
CompTIA Security+ certification
Experience with Government (State, local, or federal) IT systems (StateRamp/FedRamp)
GRC experience extending to CJIS, HIPAA, PCI etc.
#J-*****-Ljbffr