Infrastructure Security Analyst and SOC Administrator (Remote)

Infrastructure Security Analyst and SOC Administrator

Location: Remote

About Us:

Known for “Delighting the Client” through performance, innovation, and an employee-centric culture, S2Tech is a fast-growing IT consulting company serving clients in over a quarter of the United States. We are widely recognized as a leading provider of both technical and business services in support of Health and Human Services related projects. Feel free to learn more at www.s2tech.com.

Why S2Tech?:

• Stable privately-owned company with a strong reputation for building long-term client relationships through the delivery of consistent value-based service
• 25-year history of providing IT and Business services to private customers and government programs throughout the United States
• Expansive client portfolio and active projects – employees benefit from innovative project exposure and in-house skill development training/courses  
• Corporate culture that emphasizes the importance of family and promotes healthy work-life balance
• Offer competitive pay and a range of benefits including:
• Medical / Dental / Vision Insurance – insurance premium assistance provided
• Additional Insurance (Life, Disability, etc.)
• Paid Time Off (Vacation & Sick Leave)
• 401(k) Retirement Savings Plan & Health Savings Account
• Various training courses to promote continuous learning
• Corporate Wellness Program
• Be part of a company that gives back through its non-profit organization, Fortune Fund, which was launched in 2001. The goal of the Fortune Fund is to close the rural/urban divide by ensuring children in rural communities in India and the United States understand the importance of education & are aware of professional career opportunities allowing them to link their professional & educational goals

Job Overview:

We are seeking a highly skilled and experienced Infrastructure Security Analyst and SOC Administrator to join our team. The successful candidate will perform end-to-end network security assessments, manage SOC operations, and conduct vulnerability management. You will play a key role in security monitoring, incident response, and continuous improvement of our organization's security posture. Your work will involve data collection and analysis to identify suspicious activity and reduce risks.

Responsibilities:

• Perform day-to-day administration and troubleshooting of the SIEM platform (Cortex XSIAM)
• Manage moves, adds, changes, and updates to SIEM rule sets
• Develop and maintain incident response plans and playbooks for handling various security incidents
• Serve as the primary resource for troubleshooting, engaging with end users, and providing leadership on outage bridges
• Monitor SIEM platform services and processes for ongoing health and security status
• Integrate log sources and other security solutions into the SOC environment seamlessly
• Collaborate with the security team to implement and fine-tune detection use cases and rules
• Utilize SOAR (Security Orchestration, Automation, and Response) platform for case management and information gathering
• Conduct network vulnerability scans and compliance scans using tools such as Nessus, Nexpose, Qualys, etc.
• Design system security architecture and develop detailed security designs
• Configure and troubleshoot security infrastructure devices to ensure their optimal performance
• Write comprehensive reports detailing findings, outcomes, and recommendations for enhancing system security
• Stay up-to-date with the latest cybersecurity threats, vulnerabilities, and attack techniques

Qualifications:

• Bachelor’s degree in Computer Engineering, Computer Science, or Information Systems Management
• More than 7 years of hands-on experience in SIEM platform maintenance, administration, and integration of multiple log sources
• Experience creating and managing rule sets for security monitoring within a SIEM platform
• Strong ethics and an understanding of business and information security ethics
• Experience performing vulnerability scans using Nessus, Nexpose, Qualys, or similar tools
• Ability to understand and communicate vulnerability scan results with technical teams and mitigate risks
• Hands-on experience with security systems such as firewalls, IDS/IPS, anti-virus software, authentication systems, and log management
• Knowledge of network technologies, system security, and network monitoring tools
• Thorough understanding of security principles, techniques, and protocols
• Familiarity with web-related technologies and protocols (Web applications, Web Services, SOA)
• Strong problem-solving skills and the ability to work under pressure
• Professional reporting skills, with the ability to present findings to both technical staff and executives
• Possess current security certifications (e.g., CISSP, CEH)
• Possess IT networking certifications (e.g., CCNA, MCSP)

Optional Experience (a plus):

• Experience with attacks and mitigation methods, with expertise in one or more of the following areas:
• Network protocols and secure network design.
• Operating system internals and hardening (e.g., Windows, Linux, OS X, Android).
• Web application and browser security.
• Authentication and access control.
• Security monitoring, intrusion detection, incident response, and forensics.
• Development of security tools, automation, or frameworks.

S2Tech is committed to hiring and retaining a diverse workforce. We are an equal opportunity employer making decisions without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other protected class.