Title: Information Security Analyst IV
Location: Chattanooga, TN
DIRECT HIRE
Salary: $75,000 - $90,000/year + Benefits
Relocation Assistance: YES
The Information Security Analyst IV works in support of Information Security and Compliance requirements across the Companies organization, collaborating with all departments, customers and partners.
The Information Security Analyst IV will provide planning, technical expertise, and direction regarding computer and network security modeling services for both local and wide area host network resources. In addition to this security modeling the Information Security Analyst IV will be leading the exploit, vulnerability and penetration testing and analysis efforts in support of Company and Companies customers.
This position will also be responsible for tactical incident response service including forensics in addition to performing services like vulnerability assessments, FW/IPS/IDS analysis, security education, and interpretation to customers.
The Information Security Analyst IV is the information security subject matter export and a key member of the Patch Management Program, providing exploit and vulnerability analysis and the investigation and testing of exploits and building remediation following Patch Management processes.
This position will maintain a broad knowledge of current and emerging state of the art computer/network system technologies, architectures, and security products.
Senior level individual Contributor. Works under direction of management in a team oriented environment as well as independently. Responsible for contributing to the management of one or more medium to large-sized highly complex programs and projects.
Experience Required
MUST HAVE
- Hands on recent experience with vulnerability scanners and penetration testing.
- Experience with a SIEM.
- In depth forensic skills.
- To have performed network packet captures for analysis
- Experience in assessments, logging and reporting
- Knowledge of Incident Response
Technical
-Understanding of applicable regulatory requirements including SSAE16 SOC I & II, PCI DSS, FFIEC and HIPAA.
-Familiar with foundation such as ISO 27001, NIST, and COBIT.
-3 years’ experience in Information Security and 3 to 5 years in Information Technology.
-3 years experienced in methodologies and tools for exploiting vulnerabilities (experience with BackTrack tools, vulnerability scanners, Metasploit, and wireless penetration technologies.
Education
-Bachelors Degree in Information Systems or Equivalent Professional Experience
-Proven, broad, in-depth technical knowledge of Security principles and process is required.
-Security Management Certifications or ability to obtain within 12 months (CISSP, CISM, FITSP-M)
-Security Technical Certifications and training focused on Penetration Testing recommended but not required.
-Network Certifications recommended but not required (CCNA, CCNP)