Senior IT Security Specialist

Title: Senior IT Security Specialist
Location: Houston, TX
Duration: Direct Hire/ FTE
Work Requirements: US Citizen, GC Holders, or Authorized to Work in the US. Candidates represented by sub-vendors will not be considered for this position.
 
Qualified candidates may send a copy of their resume (Word Format) to Slater Davidson at sdavidson@inspyrsolutions.com. 
 
Job Description:
The Senior IT Security Specialist will work as part of the IT Security & Compliance team to manage risks to the information assets and systems of the organization by actively finding and remediating cyber vulnerabilities and threats, improving monitoring for such vulnerabilities and threats, and responding to them. They will also work with IT and other departments to promote secure practices and improve information security processes and policies.

Responsibilities

• Vulnerability scanning and remediation.
• Monitor for changes in the attack surface and risks related to the attack surface.
• Stay current on emerging threats and mitigation strategies.
• Create vulnerability dashboards for various business units.
• Improve security monitoring and incident identification.
• Incident response and resolution
• Improve enterprise-wide security log collection, correlation, and reporting.
• Work with the Security team to improve and automate processes.
• Identify areas for enhanced security controls and mitigations.
• Identify actionable threat intelligence sources and integrate them into the monitoring process.
• Produce reports to communicate security risk and status to upper management.

Knowledge and Experience
The successful candidate will meet the following qualifications:

• Bachelor's degree is preferred.
• Vulnerability Management (scanning and remediation, ensuring patching efforts are timely resolved)
• Log analysis and developing log correlation rules.
• Incident handling experience
• 5+ years' experience in a relevant, dedicated information security role
• Experience with network administration, server administration, and workstation administration
• Excellent verbal and written communication skills are required.

 
The following skills and knowledge are desired:

• Security certifications (CISSP, CISA, Security+, GIAC) are preferred.
• An active member of one or more security associations (ISSA, ISACA, InfraGard, etc.)
• Intrusion detection
• Endpoint detection and response (EDR)
• Risk assessment
• Forensics
• Malware analysis