Description:

The client is looking for a Security Analyst - Consultant

SCOPE OF THE PROJECT:

The Office of Cybersecurity ensures the confidentiality, integrity and availability of the client’s systems and services. Strong candidate must have hands-on experience with:
Data network design best practices
Routing and switching protocols
Network security best practices
On-premise and/or cloud networking environments
This role requires someone who can contribute independently on technical tasks and support more senior analysts on complex initiatives.


DAILY DUTIES / RESPONSIBILITIES:

This is a hands-on technical role reporting to the Office of Cybersecurity SOC lead.

The analyst will support client leadership, business units, partners, and vendors in day-to-day cybersecurity operations.

Security Program Experience:

Strongly desired experience includes:

CMS ARC-AMPE, HIPAA, NIST or other FISMA RMF frameworks
Performing repeatable security processes supporting compliant enterprise architectures
Supporting security considerations for multi tenant cloud environments and vendor integrations

Technical Experience:

Candidates should have hands-on experience with:

1. Secure network design principles
2. Windows, macOS, and Linux operating systems
3. Switching and Routing
4. Enterprise Firewalls
5. Network auditing
6. IDS/IPS platforms
7. Network security monitoring
8. SIEM platforms such as QRadar, Splunk (Preferred)
9. Vulnerability scanning tools (Nessus, Qualys, etc.)
10. Cloud Infrastructure Security (Preferred)

Essential Responsibilities:

1. Assist in maturing network security and compliance solutions
2. Investigate and respond to daily network alerts
3. Perform network security assessments for proposed firewall and infrastructure changes
4. Conduct technical analysis for network security planning and engineering
5. Review and assessment of connectivity, website block and firewall rule requests to ensure they do not present an elevated risk to the client
6. Analyze on-premise and cloud networks for potential threats
7. Develop, review, and analyze network traffic reports that violate the client’s approved standards governing Ports, Protocols and Services.
8. Monitor emerging threat vectors and recommend countermeasures
9. Collaborate with other areas of the client to implement security controls
10. Support cloud and on-premise network changes and enhancement projects
11. Ensure compliance with ARC-AMPE, HIPAA and SCDIS-200
12. Assist with KPI creation and trend report monitoring
13. Participate in firewall configuration reviews and ruleset recertification
14. Provide guidance on best practices to technical teams
15. Perform additional SOC duties as assigned

REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):

1. Approximately 3-5 years of hands-on experience in network design, implementation, or support
2. Hand-on experience in IT security or system administration
3. Working knowledge of secure network design, security architecture, compliance tools, data protection, and access models
4. Ability to analyze logs, alerts, and network telemetry.
5. Proficiency with Microsoft Office tools

PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):

1. Experience working in regulatory environments
2. Experience supporting health IT or state government.
3. Familiarity with FISMA, NIST, CMS ARC-AMPE, and HIPAA security and privacy standards
4. Cloud network security controls (Azure or AWS).


REQUIRED EDUCATION/CERTIFICATIONS:

1. BS degree in Computer Science, information systems, Cybersecurity, or related field; or equivalent experience
2. A network security centric certification such as PCNSE or CCNA

PREFERRED EDUCATION/CERTIFICATIONS:

1. CISSP or Security+