Information Security Analyst | Cyber
Who We Are
Origami Risk is a wildly successful Enterprise Software as a Service growing at an exceptional rate. Origami has been consistently ranked the #1 Risk Management Information System (RMIS) in the industry’s most comprehensive studies for the past 5 years. Founded by industry veterans committed to bringing new ideas and advanced features to the RMIS market, Origami Risk’s innovative software is designed with the latest technology and a focus on performance and ease-of-use, and is supported by industry experts. It features powerful workflow, advanced reporting and analysis tools, and intuitive features to improve productivity and better manage Total Cost of Risk—saving our clients time and money and enabling them to be more successful.
Making a Difference
We have an immediate opening for a Cyber Security Analyst to join our growing Security Operations team.
As a Cyber Security Analyst, the work will encompass day-to-day security operations focused on maintaining the confidentiality, integrity and availability of the Origami Service while addressing ever-evolving cyber security threats. This individual will monitor, investigate and escalate detected cyber security events, while maintaining proper defense-in-depth practices throughout the operating environment.
The ideal candidate will have experience working as a security practitioner with a wide range of experience in the Information Technology and Information Security disciplines and an ability to operate in a dynamic ever-changing environment.
Tasks and Responsibilities:
- Respond to security incidents to include the collection, preservation and analysis of forensic evidence
- Participate in vulnerability assessments and continuous monitoring activities; identify threats, vulnerabilities, and risks to the business
- Use Security/Threat Intelligence feeds to improve indicators of compromise
- Proactively identify, triage and address security flaws, threats and vulnerabilities across the entire organization
- Participate in Security Operations and Support for a virtualized public cloud environment
- Participate in risk and security assessments based on Governance, Risk and Compliance requirements
- Bachelor’s degree or equivalent experience
- 5 years’ information technology experience with a minimum of 2 years in an information security role
- Knowledge of firewalls, IDS/IPS, centralized anti-virus solutions, patch management, data encryption, and cryptography techniques
- Experience using SIEM and/or Security analytics systems
- Hands-on experience with commercial and open source security solutions such as AppSpider, Burp Suite, Metasploit, Nexpose, Nessus, and Kali Linux
- Knowledge with assessing vulnerabilities in web-based systems based on methodologies such as OWASP
- Experience with incident response, root cause analysis, and malware detection solutions with an understanding of adversarial tactics, techniques and response mitigation procedures
- Motivated self-starter capable of working independently while also collaborating with other team members
Additional Skills, Experience, and Certifications:
- Experience securing public cloud environments such as Amazon AWS, GCP or Microsoft Azure
- Technical knowledge of Software Defined Networking
- Experience with one or more scripting language such as Python
- Experience with FISMA & FedRAMP compliance, ISO 27001/2 and NIST 800-53 security controls
- Experience with SSAE 16/18 SOC audits
- Relevant security certifications (i.e. CompTIA Security+, GIAC, GSEC, OSCP, CEH)
- Working knowledge of security frameworks, development, test and deployment models
- Experience with software development lifecycle (SDLC) methodologies such as Agile, DevOps
Applicants selected will be subject to a background check, a government security investigation and must meet eligibility requirements to be considered for the position. Authorized to work in the United States.
Origami Risk is a drug-free work place. Equal Opportunity Employer M/F/D/V