Information Security Analyst [CrowdStrike (EDR), Splunk (SIEM), Tenable- Atlanta, GA/Hybrid
STI · Atlanta, GA · 5 mo ago
Information TechnologyFull-time
Key Responsibilities
- Conduct continuous monitoring of enterprise systems using CrowdStrike (EDR), Splunk (SIEM), and Tenable (Vulnerability Management).
- Detect, investigate, and respond to potential threats and incidents impacting CUI and overall system security.
- Maintain dashboards, alerts, and reports to ensure proactive detection and escalation of risks.
Vulnerability & Risk Management
- Perform ongoing vulnerability assessments with Tenable, track remediation efforts, and validate closure of findings.
- Support patch management and configuration management processes to reduce the attack surface.
- Deliver metrics and risk posture updates to leadership.
Compliance & Documentation
- Maintain and update System Security Plans (SSPs) to document the implementation of security controls.
- Support external and internal audits (IRS, CMS, SSA, NIST, FISMA) by providing required evidence, documentation, and remediation tracking.
- Aid in compliance with evolving frameworks (e.g., NIST SP 800-53 Rev. 5).
Incident Response
- Triage, analyze, and document security incidents across enterprise systems.
- Collaborate with IT and business stakeholders on containment, eradication, and recovery efforts.
- Deliver incident reports, root cause analysis, and lessons learned documentation.
Security Awareness & Training
- Create and deliver security awareness programs, focusing on CUI handling, phishing defense, and insider threat mitigation.
- Provide specialized training for privileged users and administrators.
- Track participation and measure the effectiveness of awareness initiatives.
Reporting & Communication
- Offer actionable insights through Splunk dashboards, Tenable vulnerability reports, and CrowdStrike incident summaries.
- Present executive-level updates on risks, compliance status, and incident trends.
- Monitor and ensure the timely closure of remediation activities.
Required Qualifications
- Bachelor’s degree in information security, Cybersecurity, IT, or related field; or equivalent 1 year of experience.
- Preference given to candidates with relevant State of Georgia experience.
- Hands-on experience with Splunk, CrowdStrike Falcon, and Tenable Nessus/Tenable.sc.
- Strong understanding of CUI protection requirements and compliance frameworks (NIST, FISMA, IRS Pub 1075, CMS, SSA).
- Experience with incident response, vulnerability management, and risk assessments.
- Strong analytical, documentation, and communication skills.