Information Security Analyst

Our client a leading professional services firm, located in downtown NYC is looking to hire an

• Manage, configure and support on premise and cloud-based IT security monitoring systems: eSentire, O365/Azure security consoles, Cisco Umbrella and Palo Alto Panorama.
• Review, triage, analyze and remediate information from Information security monitoring systems, third party threat intelligence, and vendor vulnerability information.
• Coordinate vendors performing vulnerability, risk analysis and penetration testing.
• Manage and oversee internal department auditing function (includes review of: user accounts; elevated privileges; patch and security configuration status; and information access).
• Manage maintenance and development of policies and procedures for the Firm’s Information Security Management System (ISMS).
• Participate in the Firm’s Computer Security Incident Response Team and Information Security Forum.
• Participate in client security assessment and review process.

• Extensive knowledge of current security threats, techniques, and landscape
• Strong understanding of internal control concepts and policies.
  • ISO 27001 certification a plus
• Strong knowledge of Incident Analysis and Response concepts and techniques
• Working knowledge of IT infrastructure including network devices and architecture, TCP/IP, network protocols, server operating systems, vulnerability scanning, endpoint protection, intrusion detection, firewalls, and content filtering.
• Knowledge of MFA, PKI, Palo Alto, Cisco ASA, IDS/IPS, KiWi, SolarWinds, Nessus, Windows, Linux/Unix, VMware, IDS/IP, forensic discovery, Certificate Authority (CA), PKI, Kerberos, SSL, HTTPS, LDAP, Active Directory, Group Policy, DNS, NTFS, SharePoint, Remote Access, Citrix, VDI, ACLs, etc
• Various social engineering, and penetration testing approaches/tools for vulnerability identification, enumeration, and exploitation to determine security networks, systems, and application's security configuration
• Bachelor’s degree, preferably with strong academic record.
• Information Security certification strongly preferred.