• Analyze and respond to security events escalated from global security options center.
• Review and monitors dashboards for potential or reoccurring issues.
• Help coordinate cross-functional teams to handle urgent security vulnerability events.
• Manage and drive asset owners to remediate their vulnerabilities within remediation timelines, determine deviations, and escalate when needed.
• Work with suppliers to address vulnerabilities and identified risks.
• Stay on top of emerging information technology trends and threats
• Manage internal sales procurement process
• Support contract drafting & statement of work
• Manage, track & report on budget
• Project management on new & existing workstreams
• Support provisioning & approval of EDU domains 
• Become a subject matter expert in navigating internal systems/tools to execute the above-mentioned responsibilities

Skills: Event Response, Dashboard Monitoring, Team Coordination, Vulnerability Management, Supplier Collaboration, IT Trend Analysis, Budget Oversight, Contract Support

• Organize and maintain the cybersecurity risk portfolio within Snap One’s risk management system
• Work directly with the application, product, and data owners to drive mitigation of known risk
• Define and implement risk ratings, models, and hierarchies to identify the impact, severity, and overall risk of vulnerabilities
• Review red teaming results with key stakeholders providing scoring to prioritize remediation efforts.
• Conduct security awareness training, tabletop exercises and focused training sessions.
• Maintains Information Security policies, standards, procedures, technical security baselines
• Regularly contribute to management reports covering information security risk treatment, mitigation, and risk metrics.
• Evaluate third-party risks resulting from the company’s engagement or use of partners, vendors, suppliers, and technology or data-related products.
• Advise and consult with team and stakeholders in the following control areas required: authentication, authorization, access controls (network and user), secure transmission and storage, encryption/key management, segmentation and network zoning, data flows, third party access, and connectivity and functional purpose
• Familiarity with classes of vulnerabilities and appropriate remediation of industry-standard classification schemes (CVE, CVSS, CPE)

Skills: Risk Management, Vulnerability Analysis, Stakeholder Engagement, Security Training, Policy Maintenance, Risk Reporting, Vendor Assessment, Remediation Prioritization

• Perform daily monitoring of security tools and oversee remediation of items and/or alerts identified. 
• Provide responsive support for events and incident identified during normal working hours as well as outside normal working hours. 
• Respond to inquiries regarding security controls. 
• Perform in-house and third-party vulnerability testing, social engineering, conduct risk analysis and security assessments and oversee remediation and post-remediation testing activities. 
• Research the latest information (IT) security trends and recommend appropriate security tools and countermeasures. 
• Respond to and manage disruptive events/incident within the firm, analyze and investigate to determine if alerts or events warrant incident classification. 
• Assist with or perform incident response technical activities to minimize impact on the firm. 
• Monitor, track, and document information security related issues and threats to ensure prompt resolution. 
• Assist in defining enterprise level security policies and actively enforce these procedures. 
• Development of security related training materials and assist with the delivery of training to staff to understand security and implement the right strategies. 
• Assist in overseeing vendor security program to define, implement and maintain corporate security policies
• Rrain fellow staff in security awareness and procedures and other projects 
• Research and stay up-to-date on industry standards and any new vulnerabilities and risks. 

Skills: Security Monitoring, Incident Support, Vulnerability Testing, Risk Management, Trend Research, Event Analysis, Policy Enforcement, Security Training

• Analyze, investigate, respond, and recover from/to cybersecurity incidents, events, and threats as per the incident response lifecycle
• Working alongside senior engineers and subject matter experts (SME) to evaluate and select assessment tools and other cybersecurity technologies to enhance security solutions
• Deliver IT risk and security assessments of client's network infrastructure and systems
• Understand and mitigate security concerns and IT risks
• Evaluate and assess different security technologies to appropriately expand Aligns cybersecurity portfolio
• Assist with business solution proposals and sales presentations
• Contribute to thought leadership by helping to author informational white papers and conducting training sessions with new products/technologies to increase the Align knowledgebase
• Ongoing learning and continually staying abreast of relevant industry updates and changes via conferences, training and events
• Work with Align, partner and vendor SMEs to conduct security technology evaluations, security assessments and security program development
• Engineer security solutions to mitigate risk and provide strategies to improve the security posture of clients and internal environments

Skills: Incident Response, Tool Evaluation, Risk Assessment, Security Mitigation, Technology Assessment, Proposal Support, Thought Leadership, Solution Engineering

• Contributes as needed with Identity and Access Management (IAM) duties including user account provisioning, password vaulting, periodic access review, and encryption key management
• Assists with cyber-threat monitoring and Security Operations Center (SOC) duties
• Performs daily security operations duties including handling service requests from Business and IT teams.
• Updates standard operating procedures and as-built documentation
• Provides security awareness training (e.g. Phishing Email simulations) and security policy consultation (e.g., password requirements)
• Routinely publish performance metrics
• Develop and maintain security tools, techniques and procedures to facilitate security testing, vulnerability detection, validation and mitigation
• Continually improve security posture and provide hands-on cybersecurity support to address IT security issues 
• Work closely with clients and Align Managed Services team to implement policies and technology to secure information, computer, network and processing systems
• Collect, report and continually enhance security metrics

Skills: IAM Management, Threat Monitoring, Security Operations, Procedure Updates, Security Training, Metric Analysis, Tool Development, Policy Implementation

• Follow and re-enforce Privacy and Security policies and guidelines
• Working knowledge of information/cybersecurity, infrastructure vulnerabilities, and network security products (hardware and software)
• Identify malicious or anomalous activity based on event data from SEIM, firewalls, WAF, IPS, and other sources
• Comprehend all aspects of Cybersecurity and apply technical application security testing expertise to assist in identifying weaknesses and vulnerabilities that affect the confidentiality, integrity and availability of corporate protected, sensitive and confidential company information and data
• Make recommendations in terms of accepting, mitigating and escalating risk.
• Handling security events/incidents as part of an Incident Response team
• Ensure the integrity and confidentiality of access to designated corporate and customer applications, databases, servers, and other systems.
• Develops and presents finding and remediation reports to audiences including team members from all department areas and levels of the company
• Perform security reviews of software designs and assist developers in ensuring quality and robustness of internal products
• Oversee enforcement of policies and procedures for system security administration and user system access, based on industry-standard best practices.
• Constantly review security standards and ensure all future works are well governed.
• Responsible for the maintenance of Identity and Access Management System related to Role Based Access Control.
• Propagate security awareness among employees

Skills: Policy Enforcement, Vulnerability Identification, Incident Handling, Risk Assessment, Security Testing, Access Management, Security Review, Awareness Training

• Provides leadership, vision, and a strong understanding of Information Security domains and the common book of knowledge as well as an understanding of security governance process.
• Ability to document implementation of security controls and enhancements
• Lead the implementation of new L1 SOC initiatives and security measures
• Planning, analysis, design, development, testing, quality assurance, configuration, installation, implementation, integration, maintenance, and/or management of the SIEM solution and other security tools used by the L1 SOC.
• Meets organizational goals and exceed industry best practices and requirements to ensure the security of the Stryker assets.
• Create and communicate metrics that describe progress
• Drives the adherence to security policies, security programs and plans, and integrates and coordinates execution of security policies.
• Work with development teams on addressing the findings
• Evaluation of new testing methodologies relevant to the organization
• Contribute to continuous improvement of the testing approach
• Support the test installation of products in the lab

Skills: Security Leadership, Control Documentation, SOC Initiative Leadership, SIEM Management, Best Practice Adherence, Metrics Communication, Policy Integration, Testing Support

• Monitor the Virtua network/systems for anomalous activity. 
• Assist with vulnerability scanning and remediation. 
• Ensure that the confidentiality, integrity, and availability requirements of information systems and assets are identified and managed appropriately. 
• Monitor and assess email security threats and update security solutions 
• Participate in internal and external security audits 
• Assist with establishing and updating documentation and processes to ensure mitigation of risks.
• Conduct security assessments through vulnerability testing and risk analysis 
• Ensures ongoing analysis of information security threats, vulnerabilities, and trends. 
• Monitor threat intelligence feeds and update security tools
• Support team with projects and daily problem resolution with regards to security incidents.
• Adheres to IS Business Practices and available for 24/7 support

Skills: Network Monitoring, Vulnerability Management, Information Assurance, Email Security, Audit Participation, Risk Documentation, Security Assessment, Threat Intelligence

• Manage the ecosystem of log management technologies (Splunk UF, Farebeats WEF, etc.) including data lakes and SIEM solutions (Splunk, ELK).
• Monitor, triage and analyze log data, network traffic and/or alerts generated by a variety of security technologies in real-time, escalate and write up security incidents report detailing its characteristics and containment activities to the line management.
• Research new threats/vulnerabilities and ensure appropriate detections capabilities are in place to identify and response to them.
• Deployment and tuning of new rules and SIEM content (creation and updating of the SOC documents set (e.g., use cases playbooks, etc.).
• Support the log onboarding process (creation and updating of the SOC documents set related to log onboarding, develop log parsers, etc.) and in the CSIRT functions in case of security indecent.
• Continuously assess and analyze network traffic and work with members of team to act as necessary once an intrusion attempt is made
• Conduct extensive malware analysis and forensic analysis on compromised systems and work with appropriate agencies if any systems become compromised
• Provide recommendations and offer expertise to team on analysis and intrusion procedures and work with different intrusion detection and/or intrusion prevention systems

Skills: Log Management, Incident Reporting, Threat Research, SIEM Tuning, Log Onboarding, Traffic Analysis, Malware Forensics, Intrusion Expertise

• Proactively access alerts and signatures for effectiveness which can be implemented in response to new or observed threats within network environment(s).
• Monitor external data sources to maintain constant awareness of threat condition(s) and determine which security issues may have an impact on PCI or its clients.
• Collaborate with operation teams to build novel detections, establish repeatable processes, and drive automation for containment and remediation activities.
• Analyze and define data requirements and specifications for log ingestion from various data sources.
• Conduct time-sensitive analysis during cyber investigations, contextualizing identified impact and informing leadership to actively respond to emerging risks.
• Maintain alert and response processes and documentation as well as countermeasure processes.
• Develop, update, and maintain runbooks which provide guidelines to operations personnel to detect and respond to cyber-incidents effectively and efficiently.
• Identify and enhance processes where automation has the potential to improve efficiency.
• Perform vulnerability, penetration tests and internal/external security audits.
• Analyze security breaches to identify the root cause.
• Continuously update the company’s incident response and disaster recovery plans.
• Configure security system, analyze security requirements, and recommend improvements.

Skills: Alert Assessment, Threat Monitoring, Detection Collaboration, Data Specification, Cyber Analysis, Process Documentation, Automation Enhancement, Security Testing

• Professional experience in positions related to manage, design, implementation, maintenance or support cybersecurity solutions,
• Capability to develop professional documents in the form reports, analysis, methodologies in the English language
• Understanding of technologies and solutions utilized in cybersecurity and networks (SIEM, Firewalls, IAM, IDS/IPS, End Point Protection, Authentication and Authorization control, Cloud etc.)
• Knowledge of security concepts especially network architecture, segmentation, defense in depth
• Full professional proficiency in English
• Completed technical higher education in the field of industrial automation, computer science, electronics or relevant
• Knowledge of network technologies and protocols
• Experience with firewalls, intrusion detection systems, and anti-virus systems
• Programming and debugging experience, experience with PowerShell or other scripting languages
• CISSP, CISM, CEH or similar certifications
• Proficient with Microsoft Office products (Word, Excel, PowerPoint)

Qualifications: BS in Cybersecurity with 2 years of Experience

• Experience in project management, issue tracking and/or other meaningful data analysis.
• Operational experience assessing, reviewing, and remediation of infrastructure vulnerabilities, CVE's, and risks.
• Operational experience working with on-prem infrastructure, cloud technologies and containerized environments.
• Knowledge of third-party software vulnerabilities, security threat landscape, especially network and server threats.
• Knowledge of cyber security threats and risks, cloud computing environments, and traditional IT infrastructure technologies.
• Knowledge of AWS, Azure and other cloud service providers.
• Knowledge of compensating controls and mitigating factors.
• Knowledge of Information Security frameworks, guidelines and standard methodologies.
• Knowledge of the Windows and / or Linux operating systems
• Knowledge and understanding of Cybersecurity controls and logging and monitoring tools.
• Knowledge of metrics and reporting with the use of data visualization tools such as Tableau
• Demonstrate data analytics and proven Project Leadership skills

Qualifications: BS in Computer Science with 3 years of Experience

• Experience in network, systems, and/or security operations.
• Advanced knowledge of any programming or scripting language.
• Previous experience working in security operations center with responsibility for real-time monitoring and incident response.
• Experience with Linux operating systems.
• Experience with web browsers and associated technologies (proxies, CASB, etc.) and associated security issues
• Strong critical thinking skills that facilitate implementation of an organizational Cybersecurity program.
• Robust ability to weigh security controls against technical and administrative standards.
• Strong knowledge of Cybersecurity disciplines such as USCYBERCOM OPORD and TASKORD, continuous monitoring and reporting, vulnerability analysis and remediation.
• Experience with various security assessment/hardening tools - STIG, SCAP, checklists, Nessus, etc.
• Proven project management skills in setting priorities to meet project deadlines.
• Proficient with Microsoft Office products (Word, PowerPoint, Excel, Visio).

Qualifications: BS in Information Technology with 5 years of Experience

• Ability to assess testing tools and deploy the right ones
• Extensive Windows, Linux, Database, Application, Web server, etc. log analysis
• Extensive experience with IBM’s Qradar
• Ability to analyze event and synergize logs to create a picture of the event and potential risks
• Flexibility to change direction and manage conflicting demands and emergencies
• Comfortable working in a fast-paced environment
• Knowledge of networking protocols and security implications
• Knowledge of IP networking and network security including Intrusion Detection
• Extensive Windows, Linux, Database, Application, Web server, etc. log analysis.
• Trouble ticket generation and processing experience
• Programming experience with C, C++, C#, Python, HTML, JavaScript, .NET.

Qualifications: BS in Information Systems with 4 years of experience

• Familiarity with common network vulnerability/penetration testing tools including, but not limited to, Metasploit, Nessus, vulnerability scanners, Kali Linux, and Nmap.
• Some experience with system hardening guidance and tools
• Security documentation experience, threat reporting and assessing diagnosis
• Strong verbal/written communication and interpersonal skills to effectively communicate findings, escalate critical incidents, and interact with leadership
• Experience on an Incident Response team performing Tier I/II initial incident triage and deep analytical investigation as needed to understand the threat and address it
• Solid knowledge and experience using a SIEM and other related solutions such as artificial intelligence and user behavior analytics
• Scripting skills and reverse engineering experience 
• Past experience in using problem solving techniques and developing solutions

Qualifications: BS in Network Security with 3 years of Experience

• Computer, infrastructure (full tech stack) and operating system knowledge.
• Ability to multi-task, adapt to changes quickly and handle heavy ticket volumes.
• Ability to match resources to technical issues appropriately.
• Understanding of support tools, techniques, and how technology is used to provide Cybersecurity services.
• Self-motivated with the ability to work in a fast-moving environment.
• Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host based intrusion detection systems, and other security software packages.
• Knowledge of the NIST CSF, 800-171 and 800-53, CIS Top 20.
• Knowledge of confidentiality, integrity, and availability principles.
• Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
• Knowledge of cyber threats and vulnerabilities.

Qualifications: BS in Software Engineering with 2 years of Experience

• Experience working in the Information Technology field.
• Experience directly related to the area of incident response, digital forensics, malware analysis, threat hunting, cyber threat intelligence, or content development/tuning.
• Experience working with Cloud and/or ICS/SCADA environments
• Be a team player committed to the mission and continuous development of the Cyber Threat Action Center, peers, and client customers.
• Experience with programming and scripting languages, preferably Python and PowerShell.
• Strong written and verbal communication skills, must be able to effectively communicate to all levels of staff up to executive-level management, customers (internal and external), and vendors.
• Be available for on-call duty to handle high-impact cybersecurity incidents.
• Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, DNS and directory services.
• Knowledge of authentication, authorization, and access control methods.
• Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.

Qualifications: BS in Computer Engineering with 3 years of Experience

• Solid knowledge of information security, security awareness, zero-trust, web and mobile application security and application of standards and frameworks related to secure software development (e.g. OWASP, SANS)
• Knowledge of automated code testing tools and frameworks (SonarQube, Fortify) and of Automated Vulnerability Assessment Scanners
• Ability to rapidly comprehend the functions and capabilities of new technologies. 
• Solid knowledge of relevant technologies, methodologies and tools and security implications
• Ability to estimate the financial impact of security alternatives. 
• Demonstrated experience in the use of SIEM ex: Arcsight, Exabeam, Elasticsearch, Splunk 
• Strong ability to analyze data and detect anomalies.
• Ability to exercise judgment and discretion with confidential information.
• Strong programming skills (Python).
• Strong ability to be creative in resolving issues and understand technical issues
• Strong ability to write and maintain technical documentation.

Qualifications: BS in Electrical Engineering with 1 year of Experience

• Good written and verbal communication skills for report writing, business requirement proposals, technical policies, and methodology documentation.
• Good interpersonal, negotiation, and influencing skills
• Ability to facilitate discussions around issues and bring them to resolution
• Good analytical and problem-solving skills coupled with thoroughness and attention to detail
• Good understanding of industry practices and metric reporting fundamentals.
• Ability to optimize and condense information and transform data into easily understandable concepts.
• Basic technical skills in MS Excel, PowerPoint, Word, and Project
• General knowledge of security controls for the handling of Personally Identifiable Information (PII) data, regulations and security compliance requirements affecting financial institutions (FFIEC/GLBA)
• Knowledge of environments: Unix, Google Cloud Platform, Network Security Monitoring.
• Good teamwork skills and demonstrated interpersonal skills.
• Show leadership and enjoy sharing knowledge.

Qualifications: BS in Mathematics with 4 years of Experience

• Knowledge skills and ability to support the management and oversight of the Department’s FRCS cybersecurity programs.
• High level of experience in developing DoD policy, guidance and tools to aid the DoD Components in implementing programs to cybersecure FRCS on DoD installations.
• Extensive working knowledge and comprehensive understanding of the DoD Planning, Programming, Budgeting and Execution (PPBE) processes relevant and current DoD cybersecurity policies and mandates, particularly those related to FRCS cybersecurity as well as current CIO, CISO and CYBERCOM cybersecurity requirements.
• Professional experience in cybersecurity management, network administration, network engineering, network defense advanced securities, project management, database administration, or cyber risk mitigation.
• Knowledge of DOD organization and structure Clearance: TOP SECRET (SCI eligible)
• Strong understanding of Windows and Linux, operating systems in desktop and server environments
• Ability to obtain and maintain a Secret Clearance
• Extensive knowledge and hands-on experience with SIEM technologies and other forensics, evidence collection, and incident remediation tools.
• Knowledge of regular expressions and at least one common scripting language (e.g. PERL, Python, PowerShell).

Qualifications: BA in Criminal Justice with 10 years of Experience