Qualifications: 5-6 years of SIEM management, configuration and maintenance experience is required that includes at least two years hands-on experience with LogRhythm; knowledge of information security concepts, standards and best practices; strong analytical, problem-solving and decision-making skills; strong attention to detail; excellent verbal and written communications skills; ability to work with all levels of management and staff; knowledge of principles and procedures involved in handling sensitive data; understanding of network basics; proficiency with Microsoft Word, Excel and Visio; and any of the following security certifications: CISSP, CISM, CISA, CCNA, LogRhythm.

Challenge: Rare skill set
Solution: Located several candidates that had the skills, experience, and certifications DFW was looking for. While the interview process was lengthy, we successfully placed the candidate within 2 weeks of the requirement being released.

Successful Placement #2 — Senior Security Analyst

Description: Dallas/Fort Worth International Airport requires a senior security analyst to perform control and vulnerability assessments to identify control weaknesses, assess the effectiveness of existing controls and recommend remedial action; execute risk assessment activities, analyze the results of audits (performed by other groups) to produce recommendations of acceptable risk and risk mitigation strategies; work on deploying, tuning and running vulnerability-scanning and penetration-testing tools; report residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance, to DFW's management; collaborate on critical IT projects to ensure that security issues are addressed throughout the project life cycle; perform analysis on threat alerts from various security tools, including intrusion detection and prevention tools, firewalls, antivirus systems, user behavior analytics tools and proxy devices, which requires demonstrable security incident response and/or insider threat experience to determine if the alert is a false positive, a security event, an actual attack, and/or a security incident; configure and manage security integration components in the Microsoft 365 Security & Compliance environment, including connectivity, synchronization services, and authentication; support and handle incident response by investigating security intrusions; monitor and analyze Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify security issues for remediation; recognize potential, successful and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information; evaluate/deconstruct ransomware and malware (e.g. obfuscated code) through approved vendor-provided tools; communicate alerts to the leadership team regarding intrusions and compromises to their network infrastructure, applications and operating systems; prepare monthly metrics on briefings and reports of analysis methodology and results; consolidate and conduct comprehensive analysis of threat data obtained from classified, proprietary to provide indication and warnings of impending attacks against networks; monitor and interpret Azure AD Connect events and Azure AD access reviews; and provide an escalation point for the Systems Admins team as support for Office 365 related incidents on threat management.

Qualifications: Bachelor's degree in business administration, computer science or a related field; 5 years of network security systems support; 5 years of Kali Linux experience or at least 5

RFP No. 20-124
Information Technology As-Needed Professional Services Page 1 54