September 24, 2024

Atlas Systems

Cyber & Information Security-SV-P1

About Us:
Atlas Systems Inc. is a Software Solutions company headquartered in East Brunswick, NJ. Incorporated in 2003, Atlas provides comprehensive range of solutions in the area of GRC, Technology, Procurement, Healthcare Provider and Oracle to customers across the globe. Combining our unparalleled experience of over a decade in the software industry and global reach, we have grown with extensive capabilities across industry verticals.
For more information, please visit our website https://www.atlassystems.com/

Cyber & Information Security

Please click on the link below to apply for this position:

https://atlas.bamboohr.com/careers/386

Job Location- Boston/Bangalore

Role:
Provide daily security operations, including system administration, maintenance and troubleshooting of role and user access associated with clients Information Security technology stack. Investigate security alerts generated from MDR platform, additional security platforms and any phishing-related attempts.

Understand and apply information security best practices, standards, technology tools, systems, policies and processes that are required to ensure the protection of access to and modification of sensitive data including financials, Personal Identifiable Information (PII) and compliance with Data Privacy policies. Ensure that security is properly configured, and ongoing governance is in place to avoid Segregation of Duties (So D) conflicts and support security configuration and testing activities associated with implementations.

Job Responsibilities:

Understand and apply information security best practices, standards, technology tools, systems, policies and processes that are required to ensure the protection of access to and modification of sensitive data including financials, Personal Identifiable Information (PII) and compliance with Data Privacy policies
Strong focus on application and Azure. Experienced candidates with Cloud and application focus will be considered.
Partner with Internal, External and Compliance auditors to perform audits and information gathering to ensure compliance with published policies
Serve as point of contact to SMEs for their Security needs and ensure best practices are effectively communicated and implemented.
Contribute to the implementation of auditing and risk management tools, processes and metrics.
Assessment of Vendor/3rd party suppliers
Manage Privileged Access Management with Delinea Secret Server
Manage detection, triage, and remediation of security incidents
Work with Rapid7 Managed Detection and response service to triage detected security events across security toolset
Prioritize and appropriately remediate security events
Manage and expand data feeds into platform
Document security events and suggest and implement improvements, as needed, to better protect against future security incidents
Maintain vulnerability management program with Tenable Nessus
Identify relevant security vulnerabilities from vendor notifications and automated and manually vulnerability scanning
Coordinate periodic third party penetration tests, including dynamic and static code reviews with Veracode
Coordinate with system owners to schedule and remediate identified security vulnerabilities
Track outstanding vulnerabilities and follow up until mitigated appropriately
Manage endpoint security program with Crowd Strike Falcon
Utilize existing toolset including traditional signature based AV, next-gen anti-malware, and application whitelisting
Manage and ensure optimal operation of endpoint security toolset
Curate relevant indicators of compromise (IOCs) to be added into EDR rule set
Build and manage Data Loss Prevention (DLP) program with Mc Afee DLP and Netskope
Mature existing DLP reporting program to identify incidents of company data loss, test new cases and deploy into production
Develop DLP incident detection and reporting process

Requirements

4 to 10+ Experience
3+ years of hands-on operational experience (from a security operational and incident response perspective)

Active Directory (On Premesis, Azure AD, conditional access)
Next-Gen Firewalling (Palo Alto highly preferred)
Endpoint Security tools (Crowd Strike Falcon next-gen AV, EDR, and zero-trust application whitelisting highly preferred)
Multi-Factor authentication (Duo preferred)
CASB and cloud security (Netskope preferred)
Vulnerability Scanning(Tenable Nessus preferred)
Network Behavioral Monitoring (Cisco Stealthwatch)
SIEM / event monitoring and reporting(Rapid 7 IDR)
Wireless Network Monitoring (Cisco Meraki)
Office 365
Spam and Phishing email analysis and response (Know Be4)
Operational experience preferred
Cisco ISE / 802.1x and Trust SEC
Application Security
Azure Cloud
Ability to triage and prioritize operational and project-based work
Ability to communicate effectively with technical and non-technical audiences
Ability to document processes and procedures
General understanding of the 7 OSI layers, OWASP Top 10 Security Threats, CIS Top 20 Critical Security Controls