Systems Administrator - Security

Job Overview
Job Order: JO00019907
Date Posted: Jan 22
Category: 3 - Information Technology (I/T)

• Maintain and enhance the next-gen Antivirus platform and its policies, pursuing the implementation of security industry best practices
• Perform security incident response activities to identify, triage, contain, and eradicate various information technology threats
• Leverage existing technology to identify and communicate vulnerabilities, coordinating remediation efforts with IT operations
• Assist in coordinating yearly penetration testing; document, analyze, prioritize, and communicate findings with relevant stakeholders
• Communicate cybersecurity concepts and capabilities with the broader IT team. Summarize and report incident metrics and escalations
• Coordinate deployment of the company's security controls to acquired companies, remediating any security findings before migration of networks

CrowdStrike Next-Gen Antivirus
• Maintain and coordinate deployment of the CrowdStrike Antivirus agent while testing and enabling new capabilities globally
• Design, test, and implement Prevention, USB device, and Firewall policies utilizing the ITIL change control process
• Leverage the technical capabilities of CrowdStrike to perform malware incident response, remote disinfection, and digital forensics

Security Incident Response
• Process alerts generated by security controls, utilizing the SANS model of incident response to detect, protect, and respond to threats within the company. Maintain incident response documentation to identify gaps while seeking their resolution.
• Document and report notable findings to leadership, identifying the root cause of security incidents and recommending changes to prevent recurrences. Develop and execute corrective action plans where required.
• Utilize existing toolsets to perform digital forensics for advanced malware incidents and internal policy violation investigations.
• Document and track misconfigurations identified through penetration testing or daily operations, coordinating remediation efforts

Nessus Vulnerability Management
• Maintain the Nessus vulnerability management platform, diagnosing agent issues and overall security control health
• Perform ad-hoc vulnerability scanning and maintain regular scan schedules to be provided to IT operations for remediation.
• Coordinate new capabilities with the vendor through weekly cadence calls, testing and deploying new features into production

• Bachelor’s degree or regional equivalent education required, preferably in a related discipline such as Cybersecurity, Information Systems, or Computer Science
• Additional cybersecurity-related certifications are a plus
• Note: Equivalent experience will be considered for non-degree candidates; however, they must meet (or exceed) many experience requirements identified below.

• 1-3 years related professional experience
Language Skills
• English (fluency in reading, writing and speaking)
• CompTIA SEC+, NET+
• SANS Certifications, GCIH a plus
• CrowdStrike CCFA/CCFR
Additional skills
• Experience with PowerShell / Python scripting
• Ability to read information system data, including, but not limited to, security and network event logs and firewall logs
• Experience as a Windows and/or Network Systems Administrator
• Knowledge of firewalls, proxies, and network-based intrusion detection/prevention systems. Windows Firewall familiarity is a plus.
• Knowledge of Windows and Linux server platforms
• Familiarity with dedicated cybersecurity incident response tools such as TheHive
• Communication skills, especially the ability to distill complex technical information into easy-to-understand, actionable concepts, a plus
• Data analysis skills to identify trends and anomalies. Comfortable gathering and presenting IR and security control performance data