Uniti, posted 4 days ago
Full-time • Mid Level

The Information Security Specialist is a crucial member of the Threat Detection and Response (TDR) team, dedicated to safeguarding the Uniti environment against cyber threats. This role involves a blend of expertise in cybersecurity tactics and an analytical mindset to detect, investigate, and mitigate potential security incidents. The Specialist will act as both a subject matter expert and a mentor, fostering knowledge and skills development within the team.

  • Alert Management: Detect and respond to security alerts from both TDR and third-party tooling.
  • Incident Handling: Coordinate a well-structured response to cybersecurity incidents to minimize their impact.
  • Expertise Provision: Serve as a subject matter expert in information security within the organization.
  • Mentorship: Provide guidance and help develop training plans for junior team members.
  • Tool Optimization: Oversee the review and tuning of rules for all TDR tools.
  • SIEM Enhancement: Continuously improve the SIEM system, adjusting security tools, log ingestion, and rule sets in response to the evolving threat landscape.
  • Playbook Development: Create incident response playbooks based on SOC escalation metrics.
  • Automation and Streamlining: Develop and drive agile automation solutions to enhance detection capabilities, making use of Security Orchestration, Automation, and Response (SOAR) tools.
  • Threat Modeling: Conduct threat modeling exercises to maintain robust security postures.
  • Threat Hunting: Execute threat hunts on Common Vulnerabilities and Exposures (CVEs) and Indicators of Compromise (IOCs), ensuring effective monitoring.
  • Remediation Documentation: Document remediation strategies to neutralize threats and secure the environment.
  • Technical Escalation: Act as an escalation point for Tier I & II analysts or Managed Security Service Providers (MSSP).
  • Incident Response: Manage the entire incident response process, from initial alert to recovery and post-incident analysis.
  • Log Review and Engineering: Conduct log reviews and engineer the integration of log sources with security tools.
  • Policy and Documentation Maintenance: Ensure the creation and updating of cybersecurity service standards, documentation, and processes.
  • Incident Tracking: Formally document and track incidents from detection to resolution.
  • Performance Metrics: Develop metrics for Incident Response to foster process improvements.
  • Cyber Threat Intelligence: Collect and utilize threat intelligence to bolster defenses against known attack vectors.
  • Threat Classification: Prioritize threats based on intelligence and system alerts.
  • Compliance Assistance: Aid in artifact collection for compliance with standards such as PCI-DSS and SOX.
  • Team Exercises: Engage in Red/Blue team activities and participate in tabletop exercises.
  • Shift Availability: Available to work on a 24x7 schedule to ensure continuous security coverage.
  • Comprehensive knowledge of network protocols, devices, operating systems, cloud computing, and secure architecture, including proficiency in Windows, Linux, Azure, and Oracle Cloud.
  • Proficiency with SIEM, SOAR, IDS/IPS, EDR, Mail Gateways, Proxy, PKI, SYSLOG, and other network/security components.
  • Proven experience in incident response and remediation.
  • Familiarity with NIST Publications such as SP 800-53, 800-61, 800-70, 800-37.
  • Understanding of IT Security principles, techniques, and technologies.
  • Capability to conduct host and network analysis, including packet capture analysis.
  • In-depth knowledge of the MITRE ATT&CK Framework, and understanding of OWASP, Kill Chain, and other security frameworks.
  • Strong grasp of malware analysis concepts and methodologies.
  • Ability to independently manage initiatives with minimal oversight.
  • Ownership of toolsets or processes within the security domain.
  • Expertise in managing Incidents, Service Requests, Change, and Problem management processes.
  • Experience with current cyber threats and their exploitation tactics.
  • Exceptional analytical and problem-solving skills.
  • Excellent time management and organizational skills.
  • Quick learner for new technologies and concepts.
  • Candidates must possess or be willing to obtain within the first 12 months of employment one of the following certifications: Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) or SANS Global Information Assurance Certification (GCIH).
  • TPRM programs
  • GRC
  • Medical, Dental, Vision Insurance Plans
  • 401K Plan
  • Health & Flexible Savings Account
  • Life and AD&D, Spousal Life, Child Life Insurance Plans
  • Educational Assistance Plan
© 2024 Teal Labs, Inc