Cyber & Information Security-sv-p1

About Us:
Atlas Systems Inc. is a Software Solutions company headquartered in East Brunswick, NJ. Incorporated in 2003, Atlas provides comprehensive range of solutions in the area of GRC, Technology, Procurement, Healthcare Provider and Oracle to customers across the globe. Combining our unparalleled experience of over a decade in the software industry and global reach, we have grown with extensive capabilities across industry verticals.

**Cyber & Information Security**

**Job Location
- Boston/Bangalore**

Role:
Provide daily security operations, including system administration, maintenance and troubleshooting of role and user access associated with clients Information Security technology stack. Investigate security alerts generated from MDR platform, additional security platforms and any phishing-related attempts.

Job Responsibilities:

- Partner with Internal, External and Compliance auditors to perform audits and information gathering to ensure compliance with published policies
- Serve as point of contact to SMEs for their Security needs and ensure best practices are effectively communicated and implemented.
- Contribute to the implementation of auditing and risk management tools, processes and metrics.
- Assessment of Vendor/3rd party suppliers
- Manage Privileged Access Management with Delinea Secret Server
- Manage detection, triage, and remediation of security incidents
- Work with Rapid7 Managed Detection and response service to triage detected security events across security toolset
- Prioritize and appropriately remediate security events
- Manage and expand data feeds into platform
- Document security events and suggest and implement improvements, as needed, to better protect against future security incidents
- Maintain vulnerability management program with Tenable Nessus
- Identify relevant security vulnerabilities from vendor notifications and automated and manually vulnerability scanning
- Coordinate periodic third party penetration tests, including dynamic and static code reviews with Veracode
- Coordinate with system owners to schedule and remediate identified security vulnerabilities
- Track outstanding vulnerabilities and follow up until mitigated appropriately
- Manage endpoint security program with CrowdStrike Falcon
- Manage and ensure optimal operation of endpoint security toolset
- Curate relevant indicators of compromise (IOCs) to be added into EDR rule set
- Build and manage Data Loss Prevention (DLP) program with McAfee DLP and Netskope
- Mature existing DLP reporting program to identify incidents of company data loss, test new cases and deploy into production
- Develop DLP incident detection and reporting process

**Requirements**:

- 4 to 10+ Experience
- 3+ years of hands-on operational experience (from a security operational and incident response perspective)
- Active Directory (On Premesis, Azure AD, conditional access)
- Next-Gen Firewalling (Palo Alto highly preferred)
- Multi-Factor authentication (Duo preferred)
- CASB and cloud security (Netskope preferred)
- Vulnerability Scanning(Tenable Nessus preferred)
- Network Behavioral Monitoring (Cisco Stealthwatch)
- SIEM / event monitoring and reporting(Rapid 7 IDR)
- Wireless Network Monitoring (Cisco Meraki)
- Office 365
- Operational experience preferred
- Cisco ISE / 802.1x and TrustSEC
- Application Security
- Azure Cloud
- Ability to triage and prioritize operational and project-based work
- Ability to communicate effectively with technical and non-technical audiences
- Ability to document processes and procedures
- General understanding of the 7 OSI layers, OWASP Top 10 Security Threats, CIS Top 20 Critical Security Controls

Proactive and collaborative approach to continual improvement of security program

**Certifications Preferred : CISSP, CISM, CEH, GSOC, CISA.