ISRM Threat Analyst/Security Architect

🌍 Remote, USA 🎯 Full-time 🕐 Posted Recently

Job Description

Role: ISRM Threat Analyst/Security Architect

Work location: Remote

Duration: Long Term

Job Description:

The ISRM Threat Analyst plays a crucial role in supporting the organization's cybersecurity posture by monitoring, analyzing, and responding to potential security threats. This position provides an excellent opportunity to gain hands-on experience in incident response, and security operations. The Threat Analyst will work closely with senior analysts to identify and assess security risks, contribute to threat hunting activities, and assist in the development of security reports and recommendations.

Lead and coach on the definition of security architecture, including the development and implementation of effective security administration processes for all platforms.
Actively engage in security architecture solutioning within key pre-implementation systems
Identify and implement emerging data access control technologies, information systems security issues, safeguards, and techniques.
Perform security reviews and identify security gaps in security architecture, resulting in recommendations for inclusion into the risk mitigation strategy
Provide Security Architecture guidance to Senior EITS Management within client location and engage with multiple cross functional teams
Conduct application vulnerability scans, recognize vulnerabilities in security systems, and design countermeasures to identified security risks
Design security controls based on information assurance (IA) principles and tenets

Work with the enterprise architecture team to ensure that there is a convergence of business, technical and security requirements; liaise with IT management to align existing technical installed base and skills with future architectural requirements.

Keep informed on current threats and industry regulations.

Strong Knowledge of infrastructure, application and security protocols in addition to configuration management techniques and risk management/compliance/audit standards
Deep knowledge of HIPAA/HITECH, NIST CSF, ISO27001/27002 and PCI-DSS Standards and Requirements
Knowledge of encryption algorithms
Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins
Knowledge of network security architecture concepts, including topology, protocols, components, principles (e.g. application of defense-in-depth), and traffic flows across the network (e.g. TCP & TCP/IP, OSI, etc.)
Experience working with network access, identity, and access management (e.g. Active Directory, access federation, multifactor authentication, PKI)
Experience working with operating systems (Microsoft Windows, Linux, UNIX, MacOS X)
Knowledge of security management and secure configuration management techniques
Knowledge of software engineering
Skill in assessing the robustness of security systems and designs and determining how it should work (including its resilience and dependability capabilities)
Knowledge of IT supply chain security/risk management policies, requirements, and procedures

Must possess a high degree of integrity and trust along with the ability to work independently
Participate in special projects as needed and perform other duties as assigned
Must be able to work independently as well as work as part of a fast-moving team
Must be able to work at various locations when necessary along with working various shifts