- Performs network security monitoring, security event triage, and incident response for the organization, coordinates with other team members, management to document and report incidents.
- Maintains records of security events investigated and incident response activities, utilizing case management and ticketing systems.
- Monitors and analyzes Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify security issues for remediation.
- Makes recommendations, creates, modifies, and updates Intrusion Detection Systems (IDS) and Security Information Event Management (SIEM) tool rules.
- Ensure that we are implementing best practice security policies that address the client's business need while protecting their vital corporate assets.
- Evaluates firewall change requests and assess organizational risk.
- Provide support for ongoing projects by assisting in the implementation, testing and documentation of security related projects.
- Participate in the planning and direction of security risk assessments to examine and verify security capabilities, behaviors, and controls for authentication, authorization, integrity, availability, assurance, audit, and disposal of CPSI's information assets to determine exposure and compliance levels.
- May be engaged in other information security or risk management projects.
- Other duties as assigned.
- Above all else: A passion for real-world Information Security.
- Demonstrated desire to continuously learn and improve skills.
- Ability to apply analytical concepts for problem solving.
- Ability to work well as part of a team.
- Excellent communication skills.
- Highly detailed.
- Knowledge of common internet attacks to include various types of fraud and scams.
- Basic understanding of Unix/Linux command line.
- Knowledge of Internet and Network concepts such as IP sub netting, DNS, HTTP, SMTP, etc.
- Relevant education or experience relating to the IT industry.
- SIEM experience.
- Basic Network/System traffic/event analysis.
- Basic Vulnerability Management.
- Security Event Log monitoring.
- Intrusion Detection/Prevention Monitoring.
- Comfortable with impromptu tasking and loosely defined requirements
- Willingness to obtain industry certifications (Security+, CISSP, CEH).
- Bachelor’s Degree in IT, IT Security, or Related Field.
- Experience working in a SOC or in an IT/Network role.
Apply for a position in: