Job Description

Job Title: Security Administrator
Job Number: 20594
Duration of Contract: 5 Months

Our client has an immediate need for a Security Administrator to join their team.  

Opportunity Overview:
  • Brings expertise in IT security monitoring, investigation, and incident response.
  • Responsible for analyzing and responding to alerts generated by various security tools, including SIEM, endpoint anti-virus and anti-malware, and data-loss prevention technologies.
  • Accountable for becoming familiar with all security tooling and for aiding in its management and tuning.
  • Contribute to strategic planning by offering insight into the current state of security operations and recommending ways to improve its effectiveness.
  • Seeks out ways to automate the incident response process and to implement technical automation improvements.
  • Will work to resolve additional security tickets not related to incident response.
  • May be called to facilitate or assist in other IT security domains including vulnerability management, penetration testing, digital certificate management, and privileged access management.
  • Serve as a deeply skilled and knowledgeable resource for the corporate SIEM.
  • Analyze and respond to alerts generated by the SIEM. The analyst will be expected to tune the SIEM to reduce false positives, create custom rules in the SIEM, and advance the capabilities of the SIEM to make it a more effective enterprise security solution.
  • Document and track security incidents and breaches using the corporate GRC platform.
  • Develop dashboards and metrics to help track current state of security tooling.
  • Create playbooks which describe standard incident response procedures and the operation of security tooling.
  • Work with security engineering personnel to take over operational duties for new and existing security tools deployed to the environment.
  • Recommend and implement ways to automate the incident response process through the corporate SIEM/SOAR platforms.
Qualifications & Required skills:
  • Deep understanding of information security frameworks, security operations, standard IT processes and challenges.
  • Intimately familiar with technical security solutions, their common uses and capabilities.
  • Process threat feeds to incorporate security intelligence into our threat monitoring capabilities.
  • Understands the impact of high severity security alerts and prioritizes to ensure these alerts are actioned in a timely and effective manner.
  • Recognizes the importance of the role and understands that the analyst provides one of the first lines of defense to the organization.
  • Experience with leading edge SIEM/SOAR platforms, endpoint protection, CASB/DLP, privileged access management systems, and certificate management.
  • Familiarity with networking and various computer operating systems.
  • Expert knowledge in operating within a standard industry recognized framework.
  • Experience with Tier 2 Incident Response.
  • Experience with Splunk ES and Splunk Phantom.
Educational Requirements:
  • BS in a Technology or Computer Science related field with three years of experience.
  • SANS Institute, CEH, or CISSP certification preferred.

Work location and Additional Info:
Overture Partners is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, national origin, disability, sexual orientation, gender identity or expression, marital status, genetic information, protected veteran status, or other factors protected by federal, state, and/or local law.
