Description

The contractors will, under the general direction of Salucro and USB staff, support the migration from the Salucro legacy environment to USB. This is for the integration of an M&A (Salucro) into the USB environment, ranging from documenting the existing environment to assisting in any required configuration changes and supporting the move as needed. The role includes compiling technical documentation, performing security-related investigations when needed, and an ability to perform tasks under limited direction.
 

What skills/technologies are required (please include the number of years of experience required)?
Candidates can be junior security staff, or IT staff with some security experience, with an understanding of terminology and key efforts, depending on the candidates.
• Systems engineering (Windows, Linux) – 5 years.
• Experience in production cloud environments (AWS, Azure, GCP) – 5 years.
• Experience deploying a SIEM solution (platform integration) – 5 years.
• Security monitoring Blue Team experience – 5 years.
• Strong analytical and documentation skills – 5+ years.
• SIEM (esp. CrowdStrike) tuning skills – 5 years.
• Performing log analysis and investigation of security-related items – 5 years.

What skills/attributes are preferred (these are desired, not required)?
The required skills can be split between the two contractors for the right candidates due to time constraints.
• Experience participating in security incidents in a variety of roles
• Network technologies (routers, switches, hubs)
• Experience with Amazon security tools (Detection and Analysis experience)
• Familiar with network architecture
• Incident Response experience
• CrowdStrike experience
• PCI and HIPAA experience of any length is a bonus


What are the top 5-10 responsibilities for this position? (Please be detailed as to what the candidate is expected to do or complete on a daily basis).
Key objectives to be performed:

• Perform internal reviews to validate items identified in discovery. Identify any gaps and assist with remediation in coordination with bank teams.
• Working with local resources, identify and help to prioritize migration to U.S. Bank devices and standards to limit business disruptions.
• Assist in SIEM configuration. Any SIEM-related instructions will be provided for reference.
• Assist in any events in support of security operations and engineering and, where that is not possible, provide backfill as needed to support local resources.
• Identify and help to prioritize migration to U.S. Bank policies and procedures for any existing hardware or software that is not immediately replaced, including non-standard equipment or applications.
• Coordinate with security monitoring teams as needed to ensure full visibility and accessibility during events. Provide investigative support for Cyber Defense personnel.
• With bank personnel, identify and prioritize gaps within the M&A and bank policies and procedures and any need for remediation as the migration to full bank integration occurs.
• Document or identify existing documentation in support of security operations efforts.

Education

Any Graduate