Information Security Analyst IV

The Security Tools Engineer administers, monitors, and maintains security infrastructure, including application and container security tools, security orchestration solutions, SIEM, network security tools, system logging and analysis, endpoint security tools, and vulnerability management systems. The role also involves implementing and maintaining corporate security standards, technologies, and programs.

The Security Operations Engineer plays a key role in the information security team, ensuring best practices are followed and that security tools and processes are current. Candidates should have a security and systems engineering background, excellent communication skills, and the ability to articulate security policies to the business.

1. Build and maintain complex technical infrastructure supporting a secure platform that protects data at rest and in transit.
2. Collaborate with enterprise and business owners to identify endpoint coverage scope and analyze operating systems and security toolsets.
3. Provide technical guidance on industry tools and best practices in endpoint security.
4. Monitor and maintain security tools that enforce security policies and capabilities.
5. Manage enterprise security systems, focusing on minimally impactful security implementations.
6. Enhance efficiencies through automation and orchestration solutions.
7. Administer system infrastructure within public/private/hybrid environments.
8. Stay updated on security trends and assess systems for proper configuration and defense.
9. Deploy and correlate threat intelligence and vulnerability management solutions.
10. Handle day-to-day security operations, including onboarding/offboarding security agents, user access, system security, configuration changes, upgrades, and ensuring system availability and disaster recovery.
11. Serve as a point of contact for incident response, SOC analysts, application engineers, and security management.

• Extensive experience with Cloud infrastructure, preferably AWS (EC2, ECS, Route53, SNS, Lambda, CloudWatch, Secrets Manager, RDS).
• Experience with configuration management tools (Ansible, Chef) and infrastructure as code (Terraform, CloudFormation).
• Scripting skills in Python or Go.
• Experience administering SIEM solutions, including log data ingestion configuration.
• Managing various security tools (SOAR, SIEM).
• Understanding of authentication/authorization (RBAC, IAM).
• Proficiency with Splunk and related SIEM and SOAR technologies (Cribl, Demisto).
• Experience integrating internal platforms with SaaS solutions like Tenable and SentinelOne.
• Building Docker containers.

1. Extensive experience with Splunk and related SIEM and SOAR tools (Cribl, Demisto).
2. Extensive experience with Cloud infrastructure (preferably AWS) - EC2, ECS, Route53, SNS, Lambda, CloudWatch, Secrets Manager, RDS.
3. Experience with configuration management tools (Ansible, Chef) and infrastructure as code (Terraform, CloudFormation).

• Cybersecurity experience.
• Media or entertainment industry experience.

Exceptional verbal and written communication skills, capable of engaging with both senior executives and technical teams.

• SPLUNK Admin certification.
• AWS certifications.

Location: Silver Springs (flexible). This role offers broad security experience across EDR, SIEM, SOAR, and Vulnerability Management. For more information, visit https://www.mindteck.com/career/life-at-mindteck.html.

Mindteck is an Equal Opportunity Employer, considering all qualified applicants without discrimination based on race, religion, color, national origin, sex, sexual orientation, gender identity, age, veteran status, disability, or other protected traits.