Position Summary

Flexjet is currently seeking a qualified candidate to join our IT department as an Information Security Analyst at our state-of-the-art facility in Cleveland, Ohio or Dallas, Texas.

As an Information Security Analyst, you will work as part of a team to help ensure the Confidentiality, Integrity, and Availability of our organization's systems, networks, and data. You will have a primary focus on Incident Response, Threat hunting, and Threat Intelligence; investigating security events, and utilize forensics to identify root causes. You will ensure proper implementation and maintenance of threat intelligence processes, procedures, and integrations/automations to help defend against new and emerging threats.

Duties and Responsibilities

• Serve as the primary escalation point for incidents raised by our SOC requiring deeper investigation and analysis
• Recommend improvement and tuning opportunities with alerting
• Implement components of a multi-layered defense to protect information system resources and data, both on-premise and in the cloud
• Assist with gathering evidence of technical and administrative controls implementation for audits and reviews.
• Provide recommendations to improve monitoring for on-premises and cloud resources to assist with the development of high quality alerts
• Utilize EDR and other security tools to develop playbooks and increase automated responses capabilities
• Investigate, respond, report, and document security breaches
• Consolidate data to develop accurate reports and metrics to help measure impact of implemented and improved security controls
• Perform risk assessments on prospective IT vendors, hardware, software, services, and components.
• Participate in the on-call rotation.
• Must be able to work outside of normal, scheduled business hours as needed
• Perform other tasks and duties as assigned

Education & Experience

• Bachelor’s Degree in Computer Science preferred
• Cyber Security certification (GCIH, GCFA, CySA+, CASP+)
• 1-3 years of experience in Information Security
• 1+ years of experience with either programming, networking, system administration, or DevOps
• Experience performing firewall reviews - Palo Alto, Cisco, Checkpoint, pfSense.
• Experience with SIEM’s such as LogRhythm, Splunk, Azure Sentinel, Alien Vault or Rapid 7
• Strong experience using Microsoft suite of e5 products such as Endpoint Manager (InTune), Security, Purview (Compliance), Entra, etc.
• In depth experience securing a hybrid infrastructure
• Strong Cloud Experience with either AWS, Azure, or GCP.

Required Skills

• Knowledge MITRE ATT&CK, and Kill Chain
• Knowledge of IOC extraction, computer forensics, and malware analysis, technologies and methods
• Expert IPv4 Networking fundamental skills are required. TCP/UDP, Routing, VLANs, Subnet masking, DNS, DHCP, common protocols and ports. IPv6 is a bonus.
• Ability to identify and validate vulnerabilities
• Ability to communicate security issues to peers and management
• Solid understanding of Windows Server Technologies including Active Directory, File Permissions, Print Servers, Group Policies, Clustering
• Strong verbal and written communication
• Work well independently or with a team
• Manages time well working simultaneous challenges without undue stress.
• Flexibility and willingness to work in a changing, entrepreneurial environment.