Information Security Analyst

This position is located in Waukesha, WI

POSITION SUMMARY

Husco provides individuals the opportunity to pursue a career within a fast-paced, industry-leading and entrepreneurial organization. This position requires an energetic, driven individual with strong problem-solving skills and broad interests who can connect security capabilities to a reduction of the business attack surface while providing employees low-friction, secure access to digital information from anywhere at any time. This position leads efforts in defining, planning, implementing, maintaining and upgrading security measures, policies and controls. Technical skills in firewalls, intrusion prevention systems, encryption methods, endpoint protection, identity access management and security incident / event management solutions are necessary to achieve personal and business objectives. Successful individuals will be self-motivated, customer oriented, organized and detail oriented.

PERFORMANCE OBJECTIVES

  • Risk Reduction and Avoidance. Identify, implement and refine well-designed, low-friction security solutions on established security platforms from Microsoft, CrowdStrike, Cisco and others. Recommend and introduce security measures, policies and controls that reduce both current and future attack surface across the entire organization, including client devices & services, networking, data, systems, applications and people across on-premise, remote working and Microsoft O365/Azure operating environments. Promote and work towards business success by establishing anywhere, anytime, fast secure access to digital services.
  • Strengthen Security Policies and Business Processes. Within the framework of ISO 27001:2017 standards, identify and introduce methods and measures to IT, security and business policies and processes, including change management, procurement, governance, compliance and IT architecture, for the purpose of establishing risk visibility and avoidance.
  • Incident Monitoring, Response & Remediation. Assist with the development of SIEM solutions while monitoring and responding to suspected or actual security incidents from internal and 3rd party SIEM feeds. Contribute to filtering and tuning activities of security incident and event feeds to reduce false positives and continuously improve response and remediation tactics.
  • Security & Operations Convergence. Work with IT Operations and other cross-functional teams to address security-related service desk tickets, coordinate remediation efforts and “operationalize” work through the creation of standard operating procedures and work instructions.
  • Security Reporting, Training & Auditing. Work with the business and IT leadership to present and discuss data and methods used for measuring risk, threat remediation, project status, value creation, and general insights into the overall health and effectiveness of the security program. Provide training solutions including phishing simulations, direct instructions, videos and office hours where identified. Work with customers and other 3rd parties to successfully complete security audits and drive remediation actions from non-conformances.
  • Strong Team Player and Contributor. Collaborate closely with technical and business colleagues to maintain or exceed quality expectations, deliver on project timelines, control costs and provide superior customer communication / satisfaction.
  • Continuous Improvement. Maintain a growth mindset for both IT Security and Business operations. Remain current on technical trends and best practices with respect to security practices, risk management and trending attack vectors by participating in educational opportunities, reading professional publications, maintaining personal networks and participating in professional organizations.

MINIMUM QUALIFICATIONS

  • Bachelor’s Degree in Computer Science or related; or equivalent combination of education and experience.
  • Maximum number of the following skills / experiences
    • Applied knowledge of practices, methodologies and administration of Microsoft & Azure products including:
      • Defender for Endpoint
      • Identity & Access Management – Defender for Identity AD (Azure AD), MFA, Conditional Access
      • eDiscovery, DLP, Compliance Manager, Information Protection & Governance
      • Secure Score, Microsoft Sentinel
      • Key Vault, CASB, Defender for O365
      • Microsoft Phishing Simulator
      • Office 365 – Teams, Office, Outlook, OneDrive, SharePoint
      • Systems administration – Exchange, Windows Server (2016, 2019, 2022)
      • Azure Operations & Administration – storage, virtual machines, networks
      • Azure Application Gateway, Azure Firewall
      • PowerShell scripting
      • Intune MDM
    • CrowdStrike Falcon XDR and MDR solution
    • Cisco Firepower Threat Defense
  • Knowledge of information security standards (ISO 27001, NIST)
  • Experience in policy development and training techniques.
  • Holds 1 or more Information or Cyber Security Certificates (CEH, CISSP, CISM, CompTIA Security+ or equivalent).
  • Strong organizational, analytical, troubleshooting, and problem-solving skills.
  • Ability to work effectively with minimal supervision.
  • Strong interpersonal skills for dealing with end users.
  • Ability to interact with people at all levels of responsibility.
  • Ability to work with confidential information.
  • (Ability to read, write and speak English.)
  • (Authorized to work in the United States.)

 

(HUSCO IS PROUD TO BE AN EQUAL OPPORTUNITY EMPLOYER.)
