Tuesday, January 7, 2020

Security Analyst

Title:  Security Analyst
Length: 12+ month’s contract
Location: San Francisco, CA

Primary Skills :
- Threat Intelligence
- Incident Response
- Vulnerability Management (VM)
- Penetration Testing

Job Description :
Sr. Security Analyst Threat Intelligence
  • Develop and maintain Threat Intelligence Program
  • Leveraging MSSP
  • Ensure Intelligence is consumable by other teams
  • Provide guidance to teams on how to use intelligence
  • Create reporting dashboards and alerts Incident Response Primary person for researching incidents:
  • Detailed description of incident
  • Work with Legal and any 3rd party companies engaged by Rodan and Fields
  • Impact to R F
  • Steps to contain the incident
  • Remediation Steps
  • Postmortem Vulnerability Management (VM) Will be in charge of the management of the VM program. This will involve working with internal and 3rd party teams to ensure the VM processes are followed. This includes but not limited to:
  • Identify of assets to be covered by the VM program
  • All appropriate policies are created, published and kept current
  • Appropriate teams have read and understand the policies
  • Type and frequency of VM scans to be run
  • Setting the remediation SLAs for vulnerabilities identified by scans
  • Severity will be risk based
  • Provide oversight and guidance on Patch Management process
  • Includes exception process for SLAs and applying patches
  • Validate remediation is completed within the defined SLAs Penetration Testing Perform Penetration Tests on Rodan and Fields properties and work with appropriate teams to remediate any findings Mentor Jr. Analyst Event Monitoring Mentor Jr Analyst in Event Monitoring and remediation. Level 3 support for events. Security Tools Admin Work with Jr Analyst to ensure policies and rules are configured to support Rodan and Fields security posture. Backup for Jr Analyst on supporting these tools. Collaborate with the Security Architect by providing input on the following:
  • Security Architecture
  • ISO 27000x implementation
  • Security Standards
  • Threat Modeling
  • Security Tool selection and use
  • Secure Development Lifecycle
  • Data Loss Prevention/Information Management


Gopichand
Recruiter - Conch Technologies, Inc
Ph: 901-313-3067
E: Gopichand@conchtech.com
Conch Technologies, Inc | 
www.conchtech.com