Job Summary:

The Information Security Analyst will provide service and operational support to all ACS Information Security Office service offerings and capabilities. The InfoSec Analyst will support project work upon request.

This position will support the security incident response system as well as the threat detection systems that monitor the environment. The Information Security Analyst is responsible for the analysis and documentation of security incidents, participate in the litigation hold processes, ensuring that security events are properly enumerated and resolved and accounted for in the ITSM tools.

The Information Security Analyst will support all GRC initiatives, participating in compliance audits and reviews of both systems and processes that govern the operations of Allegis IS and the personnel responsible for supporting these same systems.

Essential Functions:

Work incidents and requests from the Security ticket queue
Handle security escalations, identify and resolve critical security events requiring additional/specific investigation, triage, and mitigation.
Assist the Information Security, Legal and Compliance teams in the creation of procedures, technical documentation, and completion of project tasks as required.
Generate and present reports aggregating incident data
Review purchasing agreements, questionnaires, contracts and statements of work to ensure compliance with company security standards and requirements
Provide guidance and support to the Legal and executive requests for data gathering and analysis
Document and report assessment and incident findings to the Security Operations Manager and ISO
Collaborate with IS management, the corporate Legal department, safety and security, and law enforcement agencies to manage risks and security vulnerabilities
Collaborate with other IS groups to implement Information Systems policies, procedures, standards and guidelines
Perform the operation of related compliance monitoring, auditing, and improvement activities to ensure compliance both with internal corporate policies and applicable laws and regulations
Represent the Information Security role in the Change Management, Incident Management, Patch Management, and Problem Management processes
Actively participate in the IT security community to stay abreast of current standards and best practices.
Maintain an industry standard information security certification
Prepare reports that document general metrics
Support the on-boarding of new InfoSec employees and contractors
Ability to work off-hours to handle security alerts and changes to InfoSec technologies.
Perform other related duties as assigned

Minimum Education and/or Experience:

Bachelors degree in the field of MIS, computer science, information systems or computer engineering or equivalent experience
2 to 4 years of experience
Ideal candidates will hold one or more of the following certifications:
o NET , SEC , SANS GIAC (GISF, GSEC or other),
Experience with Agile methodology a plus (ACP)

Skills/Abilities:

Data Loss Prevention technologies
Security Operations Centers
Encase Litigation/Hold process solutions.
Rapid7/NeXPOSE security scanning and management tools
Experience with Microsoft O365, Microsoft Defender for Cloud, .NET, Active Directory, ADFS, Windows/Linux, SQL Server, Azure AD, VMware/Citrix, Salesforce.com
Incident and Problem management system support
Basic understanding of Network, host, data, integration, and application access security in multiple operating system environments (Windows, Solaris, Linux, etc.)
Basic understanding of Information Security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists
Basic understanding of the Internet, web, application and network security technique
Experience in successfully deploying new business processes and technologies
Basic understanding of network scanning and intrusion detection products
Basic understanding of Data Loss Prevention and threat detections systems Basic understanding of Federal/International regulations related to information security (FISMA, Computer Security Act, Safe Harbor, HIPAA, etc.)

Core Competencies:

Build relationships
Develop people
Lead change
Inspire Others
Think critically
Communicate clearly
Create accountability