Information Security Analyst

Job Locations US
Job ID
2021-4285
Category
Technology

At Wipfli, people count

 

Our people are core to everything we do — the catalyst behind our ability to create exceptional impact and extraordinary results.

We believe in flexibility. We focus on relationships. We encourage each individual to follow their own path. And we seek feedback openly, from all.

 

People matter here and they feel it.

 

And we value curiosity.  Curious is more than a personality trait. It’s a way of thinking. Of learning. Of working.

There’s purpose in this wonder. It makes us better. It makes us Wipfli.

 

If you want to be in an environment where you can make a difference — and make a professional home — Wipfli is the place for you.

 

Check out our Glassdoor Reviews to hear what people are saying about employment at Wipfli.  Check out our recognition as the Microsoft Nonprofit Partner of the year!

Responsibilities

As a part of the Information Security team the Information Security Analyst will participate in several projects and operational processes for the explicit purpose of supporting the firm’s information security program.

While this position will be focused on conducting security assessments, penetration testing, and audit centric tasks, opportunities to contribute to other security efforts arise as driven by the firm’s needs and the candidate’s capabilities and interests.

 

As such the ideal candidate will operate in one or more of the following cybersecurity disciplines:

 

Penetration Testing and Vulnerability Assessments: 

Help prevent security incidents by identifying, reporting, and tracking the remediation status of security vulnerabilities, control failures, and other relevant issues by performing penetration tests and other assessments of services, products, infrastructure, and environments. 

  • Identify exploitable vulnerabilities and simulate real world attack scenarios by performing penetration tests and other assessments of services, products, infrastructure, and environments. 
  • Perform product security assessments as apart of due diligence efforts. 
  • Conduct Web App Assessments against custom and COTS applications. 
  • Review and report on the results of regular internal and external vulnerability scans. Work with other Firm departments, such as the Internal Information Technology team, to ensure identified vulnerabilities are resolved in a timely manner.  

Threat Hunting:   

Increase the firm’s ability to detect attacks by participating in the Security Operations function via threat hunting and investigations. 

  • Build and execute threat hunting use cases using SIEM, data analytics, and other capabilities within the firm’s security tech stack. 
  • Improve the firm’s ability to protectively detect threats by helping to build SIEM alerting and other content. 
  • Conduct investigations into possible threat actor or otherwise suspicious activity. 

 

Cyber Threat Intelligence: 

Improve the firm’s ability to actualize threat intelligence by processing threat intelligence reports, tracking relevant and observed threat actor behavior, and provide mitigation and other guidance. 

  • Review relevant threat intelligence reports and provide actionable recommendations. 
  • Use firm’s Threat Intelligence Platform to manage observed threat actor behavior and indicators of compromise. 
  • Provide use case guidance for both threat hunting and red/purple team engagements based on relevant threat information. 

Qualifications 

  • Associates Degree in Information Technology/Security or equivalent work experience 
  • Related experience in one or more the previously noted cybersecurity disciplines. 
  • Strong sense of curiosity and a perpetual learner 
  • Strong understanding of threat actor TTPs and the MITRE ATT&CK framework. 
  • Scripting using languages such as Python, Ruby, Perl, PowerShell, Java, or VBScript. 
  • Strong communication skills (written and verbal). 
  • Technology:  
    • Kusto Query Language and KQL based security tools 
    • Metasploit, Kali Linux, Nesses, IP360, Burp Suite, Cobalt Strike, and Nmap 
    • Endpoint Detection and Response 
    • SIEM 

The recruiting team member guiding you through this process is Jane Welch, and you can find her on LinkedIN Here. She is based in our Madison, WI office and looks forward to guiding you through this process.

 

Wipfli is an equal opportunity/affirmative action employer. All candidates will receive consideration for employment without regards to race, creed, color, religion, national origin, sex, age, marital status, sexual orientation, gender identify, citizenship status, veteran status, disability, or any other characteristics protected by federal, state, or local laws.

 #LI-JW1 #LI-REMOTE

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Don’t See Your Dream Job? Connect With Us!

Don't see a current position posted for your area of interest, specialty, or are not ready to formally apply at this time?

Use the Join Our Talent Community feature to forward your information to a member of our recruiting team. We will reach out to you very soon and will also keep you posted on any new positions as they become available.