
Senior Cybersecurity Analyst

ImagineX Consulting
Full-time
Remote
United States

At ImagineX, we believe in the power of exceptional talent, innovative thinking, and collaborative spirit. We are a dynamic and fast-growing digital services firm, dedicated to solving complex challenges for our clients and shaping the future of industries worldwide. ImagineX operates with two business units (“BUs”), Software and Cybersecurity. In our Software BU we build innovative, enterprise-grade custom software solutions for our clients. In our Cybersecurity BU we provide clients with threat and vulnerability management, cyber data and engineering, and cyber governance, risk, and compliance solutions.

We're looking for a Senior Cybersecurity Analyst with experience in MITRE ATT&CK and the development and integration of SOC use cases to join our growing team.

Both positions are full-time and 100% remote (Atlanta is always preferred but not required).

Duties:

  • Security Policy and Procedure Review: Collaborate with stakeholders to understand goals and expectations for the security tools, analyzing the organization's existing security policies and procedures to ensure they align with these expectations and the NIST 800-53 framework requirements for security logging and monitoring.
  • Gap Identification: Identify potential gaps and risks in the current approach to logging and monitoring across people, processes, and technology, including the analysis of architecture diagrams, integrations, and configurations of security tools. This includes reviewing logs enabled in the Customer’s Azure environment, SumoLogic, and SentinelOne.
  • Log Collection, Storage, and Analysis Assessment: Evaluate the organization's processes for collecting, storing, and analyzing security logs. Assess the types of logs collected, methods used for storage and retention, the methodology for determining log sources, and tools and techniques for log analysis.
  • Stakeholder Engagement: Interview and engage with client stakeholders to understand goals and expectations for security tools.
  • Findings and Recommendations Reporting: Collaborate with project leadership to develop a client-facing report that documents the findings of the assessment and provides clear recommendations for improvement. Reports should outline any gaps identified between the organization's current practices and the NIST 800-53 framework requirements and other relevant best practices.

Required:

  • 4+ years of experience with SIEM engineering and/or SOC monitoring and triage
  • Understanding of SIEM logging requirements including alignment to industry standards (e.g. NIST 800-53)
  • Experience with SIEM engineering concepts, processes, and best practices that include log collection and storage
  • Experience with Azure, SumoLogic, SentinelOne or similar application security tools and environments
  • Able to develop summarized reports that include recommendations and a prioritized roadmap for improvements
  • Able to collaborate effectively with peers and stakeholders via written and verbal communication

Bonus:
  • Certifications in application security (e.g., EC-Council C|ASE, CSSLP, etc.)
  • Experience with SIEM, Logging, Log Centralization, Monitoring, Observability, Azure, SumoLogic, SentinelOne

SPONSORSHIP NOT AVAILABLE. US CITIZEN OR GREEN CARD HOLDER ONLY.




This job is closed.