Aspira
About Aspira
For more than 40 years, Aspira has been the market‑leading provider of software and services that help public agencies protect natural and cultural resources while making them accessible for all. Our platform supports everything from campground reservations to hunting licenses, helping millions of people discover, enjoy, and care for the outdoors.
The Ideal Candidate
The Security Analyst is a proactive, detail‑oriented professional with strong hands‑on experience in cloud security monitoring, incident response, and log analysis. This individual will leverage Aspira’s AWS‑native tools and industry SIEM platforms to detect, analyze, and respond to threats while continuously improving security controls. The ideal candidate thrives in fast‑paced environments, is curious and analytical, and collaborates closely with IT, DevOps, and Network Engineering teams.
Key Responsibilities
Monitor and correlate events across AWS CloudWatch, CloudTrail, GuardDuty, and Security Hub; maintain Rapid7, LogRhythm, and related monitoring tools for log ingestion from servers, PCs, and laptops.
Develop detection rules, alerts, and dashboards for real‑time visibility into threats and anomalies; conduct continuous log analysis, identifying suspicious activity, compromised accounts, or policy violations.
Support incident response: Tier 1/Tier 2 triage of alerts, escalation to senior staff, playbook development, and forensic analysis; lead investigations of security events, assess impact, and recommend containment/remediation actions.
Collaborate with IT Operations, Network Engineering, and DevOps to remediate vulnerabilities, harden systems, and implement zero‑trust controls (MFA, IAM policies, endpoint protection).
Maintain compliance initiatives (PCI, SOC, NIST, CIS) by documenting incidents, monitoring evidence, and assisting with audit requests; contribute to security KPIs such as SIEM coverage, incident response times, and patch/vulnerability remediation metrics.
Automate and improve processes: create and maintain scripts and automation (Python, PowerShell, Terraform) for log ingestion, enrichment, and reporting; develop runbooks for common incidents; recommend enhancements to SIEM rules and retention strategies.
Qualifications
5+ years in Security Operations, Threat Monitoring, or Incident Response.
Strong familiarity with AWS‑native security/monitoring tools (CloudWatch, CloudTrail, Security Hub, GuardDuty).
Hands‑on experience with SIEM platforms (Rapid7 InsightIDR, LogRhythm, or Splunk).
Knowledge of security frameworks (NIST 800‑53, CIS Benchmarks, PCI DSS).
Understanding of networking (TCP/IP, firewalls, VPNs) and OS hardening (Windows, Linux).
Analytical skills: log analysis, packet captures, event correlation.
Programming/automation: Python, PowerShell, Bash.
Relevant certifications a plus (CompTIA Security+, GSEC, AWS Security Specialty, CEH, or similar).