Threat Information Security Analyst
At Drillinginfo, our mission is to provide better, faster decision-making support to the oil and gas industry through our data intelligence and analytics products. We are building an agile development culture that delivers great products to a wide variety of customers. We truly believe that diversity of experience, perspectives, and background will lead to a better workplace for our employees and better products for our clients.
About the Role
The Threat Information Security Analyst shall perform such duties and responsibilities as may be assigned including but not restricted to, the following:
- Continuously monitor and tuning threat management systems used to identify, detect and properly respond to unknowns or alerts triggers. Reconcile threats from multiple data sources, setting event thresholds and updating signatures/sensitivity.
- Research, analyze, test, develop, install, program and implement computer, data and information security controls, interfaces, utilities, programs as well as audit tools that are used to control, manage, protect and monitor information systems and applications across the company.
- Use network, application and open source vulnerability scanning tools along with manual testing to identify vulnerabilities.
- Discussing vulnerabilities/risk with business owners/team members to assist them in working through the remediation process.
- Review/investigate/correlate system logs from a variety of internal and external sources. Monitor audit trails and access on a regular basis for indications of attacks or inconsistencies.
- Respond to unknowns in the environment and document or update procedural response measures to security issues
- Assess third party applications and services for security as part of ongoing due diligence efforts.
- Work on security-related projects, including assessment, design, and deployment of configuration management systems, and perform regular security assessments of existing infrastructure
Competitive Candidate Profile
- Systems administration
- Event and incident response
- Computer forensics/investigative
- Information assurance, systems engineering, network and system administration.
- Information/cyber/network security
- Embedded systems development
- Basic scripting languages and programming
- Hardware and software reverse engineering tools
- Hardware and software vulnerability analysis - computer networking and protocol analysis
Does this sound like it was written for you? Please apply and let's talk!