Cyber Security Analyst Lead

City of Charlotte
Charlotte, NC
20h
Onsite

About The Position

Responsible for protecting information systems by researching and maintaining awareness of the latest cyber threats and vulnerabilities, identifying mitigating controls and advising on corrective actions. This position will work with all City technology teams to ensure that necessary technical security requirements are met. As a member of the Innovation and Technology Cyber Security team, this individual will focus on leading operational-related security initiatives to support technology infrastructure, and/or enterprise applications and services while also facilitating the use of technology to ward off attempts by attackers who are targeting sensitive consumer and corporate information. This individual will lead efforts to automate cyber security processes and plan, develop, and coordinate cyber security projects as needed.

Requirements

  • High School Graduate or Equivalent and nine (9) years of related work experience OR 2 Year College Degree and seven (7) years of related work experience OR Bachelor's Level Degree and five (5) years of related work experience OR Master's Level Degree and three (3) years of related work experience or an equivalent combination of education and relevant experience that provides the necessary knowledge, skills, and abilities to successfully perform the essential job duties.
  • Must be located in or near Charlotte, NC.
  • Must work in office at minimum two days a week.
  • Subject to change due to business needs.
  • Knowledge of: English grammar, spelling, and punctuation.
  • Extensive experience with combining AI and ML models with broader system architectures, including cloud-based infrastructure, software applications, and APIs.
  • Extensive experience with cloud security concepts, including the ability to assess existing cloud implementations for security issues, engineering and implementing new cloud security tools, and providing security expertise for DevOps teams.
  • Extensive experience with Splunk Enterprise Security, including Search and Reporting, adding new log sources, developing custom parsing rules, administrating forwarders, and deployment servers.
  • Extensive experience with basic red team tools such as Nmap, Nessus, Metasploit, or other related tools.
  • Extensive experience with red team and penetration testing processes.
  • Extensive experience with Security Information and Event Management (SIEM) technologies, including building, administering, operating, and tuning such systems.
  • Extensive experience with endpoint hardening techniques, including security controls implemented locally and via policy management systems.
  • Extensive experience with endpoint protection and endpoint detection and response (EDR) systems, including building, administering, operating, and tuning such systems.
  • Extensive experience with web application security concepts and flaws, including an understanding of how to detect and exploit the most common security flaws found in web applications.
  • Extensive experience with risk-based, technical assessments of applications using both dynamic and static scanning tools, as well as manual assessment and penetration testing techniques.
  • Extensive experience with IT system security review processes, including threat modeling, and other risk identification techniques.
  • Extensive experience with IT system auditing processes for compliance with applicable policies, standards, and regulations.
  • Extensive experience with privileged access management and password management systems, including building, administering, operating, and tuning such systems.
  • Extensive experience with information security policy and process development, including the ability to clearly document policies and processes.
  • Extensive experience with security product evaluation, including requirements development and proof of concept execution.
  • Extensive experience with project management concepts, including the ability to coordinate and execute IT security projects.
  • Extensive experience with secure system architecture development, including evaluation of system architectures for security threats, advising IT project teams on necessary security measures, and diagramming architectures.
  • Extensive experience with system administration, including management of a system’s hardware and software, performing routine maintenance, troubleshooting problems, and management of a system’s full lifecycle.
  • Skill in: Strong analytical and problem-solving skills to tackle complex, multi-layered challenges.
  • Interpersonal skills necessary to develop and maintain effective and appropriate working relationships.
  • Excellent communication and interpersonal skills.
  • Able to communicate technical subject matter to an audience with limited technology background.
  • Cross-platform skillsets, able to navigate and troubleshoot issues in any modern operating system (Linux, macOS, Windows).
  • Developing automated processes utilizing a Security Orchestration, Automation and Response (SOAR) platform such as Splunk.
  • PowerShell and Python scripting languages.
  • Applying modern cryptography best practices and certificate management.
  • Identifying, analyzing, and evaluating cybersecurity threats and applying software controls to mitigate those risks.

Responsibilities

  • Lead and execute security tasks related to technology projects or initiatives.
  • Configure and install cyber security systems, including scheduling and attending after-hours maintenance windows.
  • Lead validation of cyber security architectures and documentation.
  • Conduct maintenance and monitoring of cyber security systems.
  • Provide leadership in response to cyber security incidents.
  • Develop remediation plans for any gaps reported in audits or recommended process improvements.
  • Lead collaboration with City departments to manage security vulnerabilities or investigations.
  • Conduct security research to keep abreast of the latest security issues.
  • Lead the coordination of managed security services to implement security initiatives.
  • Lead and execute security tasks related to Innovation and Technology security requests.
  • Provide advanced leadership in evaluation and implementation of cyber security requirements for technology systems.
  • Lead the development of scripts and software to automate cyber security processes.
  • Must be able to work efficiently, expeditiously, and independently with limited supervision.
  • Perform other related duties as assigned.

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

High school or GED

Number of Employees

5,001-10,000 employees
