Information Security Specialist

Position Overview Our client, a leading professional services organization based in Midtown Manhattan, is seeking a highly skilled Information Security Analyst to join their cybersecurity team. This role will play a critical role in defending the organization's systems against a broad range of cybersecurity threats. The ideal candidate will have strong technical expertise and a proactive approach to event handling, threat modeling, and incident management. This position is ideal for someone looking to contribute to a complex, dynamic environment with high-impact responsibilities. The role is a full time, permanent position with outstanding benefits, bonus, strong PTO, a hybrid / flexible work enviornment and the opportunity to work as part of a truly outstanding team. Key Responsibilities Act as a senior technical resource within the Security Operations and Threat Management team to safeguard the integrity and availability of enterprise systems and services. Lead and support incident investigations, assisting containment and mitigation to maintain security across the organization's technology landscape. Spearhead hunting, detection, tool engineering, and automation efforts to enhance the organization's incident response capabilities. Perform comprehensive analysis across multiple tools and platforms, monitoring the full spectrum of the technology environment including network, endpoint, application, and cloud infrastructure. Conduct in-depth analysis of information systems using advanced cybersecurity techniques and tools to detect and prevent malicious activities across various threat vectors. Coordinate and lead red team exercises and breach simulation activities, contributing to the overall Security Operations and Threat Management strategy. Engage in vulnerability research, assessment, and management to identify and address security gaps, reducing the organization's risk profile. Evaluate and prioritize vulnerabilities, including zero-day exploits, and work closely with technology teams to implement effective mitigation strategies. Provide technical data and intelligence for leadership teams, contributing to the development of threat briefs that outline the organization's risk profile and external attack surface. Design and develop custom tools and scripts to support security operations and enhance detection capabilities. Integrate Cyber Threat Intelligence through data enrichment, correlation, and attribution, providing insights for proactive defense strategies. Maintain current knowledge of industry trends, emerging threats, and best practices in cybersecurity to continuously evolve the organization's security posture. Offer technical guidance and mentorship to team members and collaborate with other departments on security initiatives. Create and maintain reports, documentation, and dashboards to track process improvements and outcomes related to security initiatives. Ensure compliance of all applications, systems, and network infrastructure with internal and external security policies, standards, and procedures. Qualifications / Skills Minimum of 4+ years of experience in cybersecurity or information technology with a focus on security tools and processes. Proven knowledge of industry-leading security controls, monitoring, and analysis technologies. Strong verbal and written communication skills, with the ability to convey complex security concepts to both technical and non-technical audiences. Excellent interpersonal skills, including teamwork, collaboration, and facilitation. Experience working within environments adhering to recognized standards such as SOC2 or ISO 27001 (preferred, but not required). Preferred certifications (but not required): GCIH, GREM, GNFA, GCFA, CEH , or equivalent.

Created: 2024-11-05