Information Security Threat Management Specialist !! Remote at Remote, Remote, USA |
Email: [email protected] |
Position: Information Security Threat Management Specialist
Location: Remote
Visa: No H1B
MOI: Video Only
2 profiles needed for this role

Role Description:
The Identity Defense organization aims to protect digital identities which allow access to Point32Health's internal network, resources, and applications. You would be accountable for researching, designing, engineering, implementing, and supporting solutions to prevent and detect anomalous use of accounts.
You will be supporting design efforts to build out new processes and supporting governance related to implementation of human and non-human account monitoring to protect the organization. You will utilize in-depth technical knowledge and business requirements to help implement scalable solutions, inclusive of monitoring, alerting, and escalation frameworks focused on core account protections. Leveraging your knowledge of both common and emerging threats related to account take-over, you will have an opportunity to proactively develop, implement, and influence controls and policy within the digital identity domain. You will partner with leaders from line of business organizations to triage security events and report on impacting security incidents to the business analyst. The Specialist will regularly collaborate with experts in and out of our team, both in country and in other regions, so excellent communication skills are very important. The role will also involve discussion with employees as part of alert analysis and disposition.

Key Responsibilities:
Audit Privileges in Active Directory:
  o Perform detailed privilege audits in Active Directory using PowerShell and other relevant tools.
  o Generate reports on privileged accounts, group memberships, and permissions.
  o Identify and document accounts with excessive privileges, including tier 0, 1, and 2 accounts.
  o Use BloodHound Enterprise to analyze access paths and high-risk relationships.
Collaborate with Stakeholders:
  o Engage with application owners and technical teams to communicate audit findings and propose privilege reductions.
  o Provide guidance on implementing least privilege without disrupting operations.
Hybrid Identity Governance:
  o Assess privileged accounts in Microsoft Entra and on-premises AD to ensure consistent governance across both environments.
  o Leverage Entra's tools for access reviews, Privileged Identity Management (PIM), and privileged access policies.
Service Account Management:
  o Guide the implementation and management of Group Managed Service Accounts (gMSAs) where applicable.
  o Identify non-interactive service accounts with excessive access and recommend remediation or gMSA conversion.

Required Qualifications:
Expertise in Active Directory (AD) Auditing:
  o Extensive experience auditing AD privileges using PowerShell (specifically the ActiveDirectory module) and BloodHound Enterprise or Community Edition.
  o Ability to script and automate tasks to streamline audits and privilege reporting.
Proficiency with Microsoft Entra (Azure AD):
  o Experience with Entra identity governance tools, including Privileged Identity Management (PIM) and access reviews.
  o Understanding of hybrid identity setups and AD-Entra synchronization.
Knowledge of Service Account Management:
  o Expertise with gMSAs and understanding of service account management best practices in AD.
Privileged Access Governance:
  o Familiarity with privileged access management (PAM) tools and governance frameworks.
Effective Communication Skills:
  o Ability to translate audit findings into actionable recommendations for non-technical stakeholders, including application owners.

Other required qualifications:
  o Ability to handle multiple competing priorities in a fast-paced environment; ability to be decisive and act without causing an undue delay.
  o Familiarity with security vulnerabilities, exploits, and hacker techniques.
  o Familiarity with identity management standards, social engineering TTPs, and the incident response lifecycle.
  o Familiarity with the ability to build queries, alerts, dashboards, etc.
  o Knowledgeable of current authentication-based exploits in traditional and cloud environments, for both human and non-human accounts.
  o Proven experience presenting findings via written reports and orally to key stakeholders in clear and concise language.
  o Networking and/or Security Experience.
  o Experience detecting Insider Threats and placing controls within an organization to protect against digital identity threats.

Skills that will help:
  o An extensive working knowledge of security threat vectors, networking, network security and application security.
  o Advanced problem-solving skills.
  o Able to adapt communication style to the audience.
  o Demonstrates the capability of working in a team environment and collaborating with overseas partners.
  o Ability to work independently.
  o Certifications such as CISSP, CompTIA Security+, CySA+, CCNA, CEH, GCIH, and Entra are desired, but not required.

We are an equal opportunities employer and ensure that no applicant is subject to less favorable treatment on the grounds of gender, gender identity or gender reassignment, marital or civil partner status, race, religion or belief, color, nationality, ethnic or national origins, membership of the Traveler community, age, sexual orientation, pregnancy or maternity, civil status, socio-economic background, family status or physical or mental disability. The company selects candidates for interview based on their skills, qualifications, and experience.

We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements.

Thanks & Regards,
Manish Chaubey
Technical Recruiter | Adventa Tech Inc (An E-VERIFIED COMPANY)
24916 Earls Ford Drive Chantilly, VA 20152
Email: [email protected]
Hangout: '[email protected]'
https://www.linkedin.com/in/manish-choubey-9939b8238/
Fri Oct 25 02:19:00 UTC 2024 |