What are the responsibilities and job description for the IT Security Specialist position at CCS Global Tech?
CCS Global Tech is a rapidly growing Information Technology company with a diverse portfolio of technology products and services and a large network of industry partnerships. With over 22 years of being a successful business with a global talent pool and presence, CCS is a certified Microsoft Gold Partner and specializes in delivering expert Microsoft based solutions for technical and business needs. We have been recognized by Inc. 500 Magazine as one of the fastest growing small companies in the Unites States.
we are a Tier 1 vendor for the City and County of San Francisco for Cloud Services, Staffing Services and Training Services. For this multi-year opportunity with a diverse set of needs to address, we are currently focusing on establishing partnerships with individuals as well as companies who can help us enhance our overall service portfolio, cut lead times, and ultimately help us deliver successfully. We currently hold sizable Government accounts in the San Francisco bay area including City and County of San Francisco, San Mateo County, and Santa Clara County.
We take great pride in our global reach and local influence. Your experience alongside our highly skilled and talented internal team who guide you along the way, offers key insights into what helps you stand out in a competitive job market.
If you are a partner company, please submit resumes with contact information of your own W2 Consultants only. Submitted consultants are expected to have excellent communication skills.
Roles/Responsibilities:
Under general direction, evaluates the adequacy and effectiveness of internal data controls, business and technical processes, and the performance of the organization's technology platforms to ensure the integrity of the organizations systems and data. Performs security and integrity reviews of the organization's data or IT systems.
Mandatory Skills:
- Minimum 2 years hands on experience in at least one (1) of the following areas:
- SOC Analyst
- Threat hunting
- Detection engineering o Network Security engineering
- Experience in client facing environments including active correspondence via email, instant message, voice/video calls with screen sharing
- Minimum 2 years experience in active troubleshooting of technical systems including creation of documentation
- Strong desire to learn, grow, and stay connected to the changing threat landscape
- Ability to discuss the fundamentals of information security in at least THREE (3) of the following areas:
- Governance, Risk, and Compliance (GRC)
- Cloud and hosted applications o Containerization
- Application security
- Network security and Zero Trust Architecture (ZTNA/NetSec)
- Endpoint security and OS hardening
- Security tooling and reporting automation (leveraging PowerShell/Python/Bash etc. to drive data into reports and dashboards)
- Malware analysis/forensic system analysis
- Incident response and remediation
- Penetration testing of Apps, endpoints, or devices
- Cyber Threat Intelligence (CTI) including automation of feeds and processing of incoming alerts/vulnerabilities o Vulnerability Management
- Data Protection
Desirable Skills:
- ISACA CRISC cert
- ISC2 SSCP cert
- Hands-on experience with SOAR and other automations
- Hands-on experience using common AI models for automation, reporting, or research
- Familiar with various NIST frameworks such as CSF 2.0, 800-207, and 800-53
- Familiar with MITREATT&CK framework
- Familiar with OWASP and web application penetration testing
- Connections to the larger infosec community