The IT Security Analyst for Infrastructure requires extensive experience in operating systems, network and security concepts, both for traditional servers and within a container environment. The ideal candidate will have a general understanding of converting security control points into actionable requests and tasks for the team to execute.
Essential Responsibilities:
- Monitor computer networks and operating systems for security issues.
- Manage container security in on-premises Kubernetes.
- Investigate security breaches and other cybersecurity incidents.
- Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
- Implement intrusion prevention measures and programs.
- Document security breaches and assess the damage they cause.
- Fix detected vulnerabilities to maintain a high-security standard.
- Understand different security controls to meet regulatory compliance.
- Stay current on IT security trends, standards and news.
- Develop best practices for IT security and work with development teams on security guidelines.
Minimum Qualifications:
- Bachelor's degree in computer science or related field.
- Minimum of 8 years' experience with an Infrastructure / System Engineering background.
- Understanding of CVE – how to identify and remediate in Windows, Linux, Containers
- Experience with computer network penetration testing and techniques.
- Understanding of traffic flow and how access lists can be achieved in zero trust networks
- Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
- Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
- Current experience in managing various vulnerability tools.
- Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
Preferred Qualifications:
- Three (3) years of experience writing documentation or standard operating procedures related to security practices and policies.
- Experience with or knowledge of on-premises Kubernetes and container security management.
- Detailed understanding of securing the end-to-end image/container lifecycle, from image build to production deployment.
- Experience with DevSecOps principles and tools for container security management, at a detailed level for Namespaces, Containers and Pods.
- Two (2) years of experience analyzing packet captures.
- One (1) year of experience troubleshooting networks using packet captures.
- One (1) year of experience assessing vulnerabilities and determining when to mitigate.
- One (1) year of experience working in ServiceNow to manage incidents and service requests.