Information Security Analyst
Diverse Lynx - Atlanta, Georgia, United States, 30383
Overview
Job Location: Atlanta, GA 30339
Work Model: Onsite
Job Summary: Lead threat detection, investigation, and remediation efforts using tools such as IBM QRadar, Splunk, CrowdStrike Falcon, Microsoft 365 Defender, and SentinelOne.
Required Skills:
• SIEM & EDR: IBM QRadar, Splunk, Microsoft Defender, CrowdStrike Falcon, SentinelOne
• Cloud Security: Azure AD, Azure Security Center, Azure Monitor, AKS, ACR, VNets, Azure Functions, RBAC
• ZTNA & IAM: SSO/SAML, MFA, Conditional Access, iboss, Fortinet ZTNA, Device Trust
• Asset Management: Axonius, CrowdStrike Asset Inventory, AD asset integration
• Endpoint Security: Microsoft 365 Defender, CrowdStrike, SentinelOne
• Vulnerability Tools: Nessus, IBM AppScan, OSINT, Joe Sandbox
• Compliance & Standards: NIST, CIS, ISO 27001/27002, HIPAA
• Firewalls & Networking: Fortinet, Palo Alto, DNS, TCP/IP, DHCP, IPS/IDS
• Security Automation: PowerShell, Python (optional), JSON, API integration
• Email Security: Proofpoint, Darktrace, Mimecast
Nice to Have Skills:
• Experience with additional endpoint protection platforms
• Familiarity with cloud security frameworks
• Knowledge of SIEM tools and threat intelligence platforms
Key Responsibilities:
• Perform real-time and retrospective analysis of logs, alerts, and PCAP files to detect malicious activity using Wireshark and SIEM platforms.
• Conduct static and dynamic malware analysis and coordinate with threat intelligence teams to produce actionable IOCs.
• Develop, tune, and maintain incident response playbooks, ensuring alignment with the organization's risk posture.
• Implement and maintain a Zero Trust Architecture, securing access through strong authentication, micro-segmentation, and continuous monitoring.
• Apply ZTNA principles in cloud and hybrid environments, enforcing strict verification of every access request regardless of location or device.
• Integrate identity-based access controls across firewalls, VPNs, and cloud platforms to support secure remote access and workload isolation.
• Collaborate with network, AD, and cloud teams to establish secure perimeters and enforce device trust and user validation.
• Maintain comprehensive visibility and lifecycle management of IT/OT assets using tools such as Axonius and CrowdStrike.
• Implement robust endpoint security across environments, including manufacturing and lab systems.
• Integrate the asset inventory with vulnerability management processes to ensure accurate risk scoring and prioritization.
• Classify assets based on risk level, business criticality, and compliance needs.
• Conduct vulnerability assessments using Nessus and CrowdStrike, and coordinate remediation with system owners.
• Document and track security incidents, risks, and mitigation strategies through centralized dashboards and reports.
• Collaborate with leadership to deliver executive-level reports and insights on security posture, incidents,
• Build automation scripts and workflows to reduce manual effort in detection, remediation, and reporting.
• Create custom correlation rules, dashboards, and threat detection content in Splunk.
• Implemented and managed Zero Trust Network Access (ZTNA) to enforce secure, identity-aware access to applications and data across hybrid environments.
• Configured ZTNA policies for application segmentation, reducing lateral movement and strengthening the overall Zero Trust posture.
• Monitored and analyzed web and application traffic through the ZTNA cloud platform to detect anomalies and enforce security policies.
• Created dynamic ZTNA policies based on user identity, device posture, location, and risk score to limit exposure and secure remote access.
• Used Secure Web Gateway (SWG) capabilities to inspect web traffic, block malicious downloads, and prevent data exfiltration.
• Deployed and maintained a cybersecurity asset management platform to achieve complete, centralized asset visibility across the enterprise.
• Created dynamic queries to detect unmanaged, non-compliant, or vulnerable assets and trigger automated remediation workflows.
• Used asset management tools to correlate data across IT and security systems, enabling real-time identification of security gaps and misconfigurations.
• Supported compliance audits and reporting through asset management dashboards detailing asset security posture, patch status, and tool coverage.
• Used asset management tools for continuous asset lifecycle tracking, software licensing checks, and enforcement of security baselines.
Qualifications:
• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Strong background in cybersecurity, with a focus on CrowdStrike and SentinelOne.
• Proven track record of implementing effective security solutions.
• Proficiency in conducting security assessments and audits.
• Excellent problem-solving and communication skills.
• CISSP certification required.
Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.