Security Analyst II

TechMD is a leading provider of outsourced IT services, cybersecurity, communications, and distributed workforce solutions throughout the United States. As a customer-focused company, TechMD integrates the industry's best technologies and practices for each customer's specific needs. We also serve as an extension of our customers' IT departments, enabling them to innovate and grow their business while helping protect them from the risk of cybersecurity threats. As the company continues to expand its footprint, we are constantly looking for talented individuals to support our growth.

We’re passionate about creating a great place to work for our employees. TechMD is committed to the development and advancement of all employees. We are a highly collaborative organization, and there are many opportunities to learn from your colleagues and advance your career. Work life balance is important to us. TechMD is committed to working with each employee individually to find a schedule that allows them to fulfill their responsibilities both inside and outside of work.

Handles a broad spectrum of cybersecurity tasks to the betterment of the security posture of our clients, security knowledge of our partners, and cybersecurity awareness in our community. The Security Analyst II will perform Risk Assessments, Incident response and have a key role in our growing Managed Security Services division.

1. Leads Client Risk Assessments and performs technical review and GAP analysis of key security controls.
2. Delivers Risk Reports to clients’ Senior Leadership Teams.
3. Reviews data output from tool set to effectively provide clients with strategic roadmap to improve cybersecurity posture.
4. Understands Compliance as it pertains to IT and security. (HIPPA, DFS, NIST, CMMC, NY- DFS/SHIELD).
5. Identifies and recommends measures to improve the security posture of the client’s environment.
6. Develops methods of intelligence collection for the purpose of creating finished intelligence reports.
7. Works with security leadership to develop strategies and plans to enforce computer security requirements and address identified risks.
8. Monitors residual risk, vulnerabilities, and other computer security exposures, including misuse of information assets and noncompliance.
9. Reviews results from the internal and external vulnerability scans and reports to SOC or Client for recommended remediation.
10. Reviews and investigates escalated alerts and incidents from SOC team.
11. Performs Incident response for internal team.
12. Acts as Point of escalation for client IR, review and perform root cause analysis.
13. Creates detailed intelligence reports that outlines Risk level and potential likelihood to client infrastructure.
14. Identifies and recommends measures to improve the security posture of the client’s environment.
15. Provides recommendations and actions for Operations teams, Security teams, and other stakeholders based on timely intelligence information.
16. Manages and qualifies tools to support the collection and analysis of intelligence information.

1. Bachelor's degree from an accredited college in a related discipline.
2. 2-4 yrs. experience with threat intelligence and other security domain experience in mission critical environment.
3. Proficient with common protocols/services (AD, GPO, DNS, DHCP, HTTP, SMTP, RDP, FTP etc.)
4. Excellent knowledge of technical security solutions (firewalls, SIEM, IDS/IPS/ AVs, DLP, proxies, network behavioral analytics, endpoint, and cloud security).
5. Experience in developing, documenting, and maintaining security policies, processes, procedures, and standards.
6. In-depth knowledge and understanding of information risk concepts and principles to relate business needs to security controls.
7. Demonstrated ability to build working relationships with a wide range of operational teams.
8. Network+, CEH, CISM, Security+, GIAC or CISSP certifications preferred.
9. U.S. citizenship required.

Salary range for this role is $75,000-$95,000 annually based on experience and skills. Candidate will need to be in MT or PST and willing to work in that time zone. This is a 100% remote position.