Security Engineers and Analysts at ICM are experts in the monitoring, prevention, and detection of security threats across ICM cloud environments, office networks, employee workstations, mobile devices, and enterprise applications.
• Contribute to the implementation and operations of security solutions in network, physical, cloud and virtual environments, including identity assurance (multi-factor authentication, identity security solutions), infrastructure security (intrusion detection and prevention, vulnerability management and remediation, remote access, endpoint security tools), and security operations (Security Information and Event Management, and incident investigation/response).
• Sustain the Security Operation functions within the Cybersecurity team, including participating in an on-call schedule for 24x7 cybersecurity operations and response in order to correct issues, minimize exposure, reduce impact and enhance security.
• Develop automated alerting and correlation to analyze and review the current logs, intelligence sources, managed security services and monitoring tools to prevent any security issues.
• Hunt for threats and enhance tools and processes to identify new threat activity.
• Administer and automate security information events from web hosting infrastructure, including firewalls, load balancers, web servers, middleware, and applications.
• Provide innovative thinking and strategic planning in terms of best practice, cost management, potential products/services and application of emerging technologies.
• Contribute to security and solutions documentation and management.
• Serve as an escalation point and mentor for Helpdesk and Infrastructure teams.
• 5+ years' experience working as a security professional
• Experience in high traffic, public-facing production environment or a global enterprise IT organization
• Experience supporting SentinelOne, Perch, Microsoft Intune, Active Directory, Multi-Factor Authentication, and mobile device management products required
• Working knowledge of Palo Alto Prisma preferred
• AWS and/or Azure or Architectural Experience preferred
• Experience and working knowledge of LAN/WAN communications, network hardware, specifically Cisco routers, switches, bridges, gateways, and firewalls, host and network-based intrusion prevention, anti-malware, familiarity with Cisco and other leading network security solutions, SIEM solutions, securing hosts (Windows, CentOS), patch management, hardening, and experience with authentication and role-based security IDM solutions
• Experience with IPSec VPN, SSL (HTTPS/FTP over SSL, etc.), MFA/2FA, Firewall policy controls, and PKI.
ICM Partners is committed to a policy of Equal Employment Opportunity and will not discriminate against an applicant or employee on the basis of age, sex, sexual orientation, gender identity, race, color, creed, religion, ethnicity, national origin, alienage or citizenship, disability, marital status, military status, pregnancy or any other legally-recognized protected basis under federal, state or local laws, regulations or ordinances.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions.
Jobcode: Reference SBJ-g3xzkn-54-198-139-112-42 in your application.