Information Security Specialist/Analyst III - Information Solutions (Remote)

About The Position

Requirements

• A Bachelor's degree in information security, information assurance, computer science, or a related field with 5 years of IT security experience; or 10 years of hands-on experience in information security or related IT experience required, at least 6 of which must be directly related IT security experience; or a Master's degree in information security, information assurance, computer science, or a related field, and 3 years of IT security experience required.
• Advanced knowledge of information security principles, risk management, and regulatory compliance (HIPAA, FERPA, NIST, etc.).
• Strong analytical and problem-solving skills with the ability to make decisions under pressure.
• Hands-on experience with Crowdstrike EDR, SIEM, IDS/IPS, vulnerability management, and threat intelligence tools.
• Familiarity with cloud security (Azure, AWS) and identity management solutions.
• Advanced Understanding on the administration and securing of various operating systems and enterprise applications with advanced security best practices.
• Excellent written and verbal communication skills, with the ability to translate technical findings into business-relevant language.
• Mentor junior analysts and contribute to the development of security standards, procedures, and playbooks.

Nice To Haves

• CISSP, CISM, GIAC, or equivalent.

Responsibilities

• Network Security Monitoring and Incident Response: Serve as a lead escalation point for security incidents, overseeing detection, investigation, containment, and remediation within a CrowdStrike EDR environment across a healthcare infrastructure. Experience with Microsoft Defender for Endpoint EDR is also desired. Analyze findings from security monitoring systems, including Intrusion Detection/Prevention Systems (ID/PS) and Security Information Event Management (SIEM) consoles, to identify and respond to potential security incidents and data breaches. Perform cyber security incident handling, tracking and reporting. Utilize professional judgment and institutional knowledge to assess risk levels, conduct forensic investigations, isolate malware, identify attack vectors, provide guidance on remediation planning, and prioritize remediation efforts. Respond to relevant service requests received from end users (e.g. for investigation of security events). Collaborate with internal Security Operations Center (SOC) teams and external Managed Security Service Providers (MSSPs) to contain and remediate security incidents.
• Security Technology management: Configure, manage, and optimize SIEM platforms (Crowdstrike and/or Microsoft Sentinel) to enhance threat detection and response capabilities. Lead and manage large scale security-related projects, including tool implementations, upgrades, and process improvements.
• Vulnerability Management: Conduct vulnerability assessments to identify security risks and report findings to system owners. Manage workflows to ensure that protected assets are properly assessed in a timely manner.
• Threat Analysis Continuously evaluate and update analytics to counter evolving Threat Actor tactics, techniques, and procedures (TTPs). Perform risk assessments and translate business requirements into effective security controls. Maintain comprehensive documentation and present findings to stakeholders in a clear and actionable manner.
• Security Awareness: Create and deliver security awareness training for technical and non-technical audiences.