19 May 2022

Temporary Senior Security Threat Analyst

JohnB – Posted by JohnB Anywhere

Job Description

ARC Group has an immediate opportunity for a Senior Security Threat Analyst. This is starting out as a contract position running through October 2022 with strong potential to extend or convert to FTE. This is a fantastic opportunity to join a well-established, dynamic organization that offers tremendous career growth potential. Position is 100% remote.

ARC Group is a Forbes-ranked top 20 recruiting and executive search firm working with clients nationwide to recruit the highest quality technical resources. We have achieved this by understanding both our candidates’ and clients’ needs and goals, and serving both with integrity and a shared desire to succeed. ARC Group is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse workforce.

This position is 100% remote!

Job Description: The Senior IT Security Threat Analyst independently develops, maintains, and implements comprehensive information security monitoring programs, including defining security policies, processes and standards for large and complex environments. The ideal candidate will perform comprehensive threat analysis and recommend the appropriate course of action, mitigation, and remediation. They provide consultative guidance on the development of information security strategies and programs through demonstrated expertise and knowledge of industry trends and changes with respect to advanced and sophisticated cyberattacks and threats. They lead efforts, oversee work results, provide formal training and serve as a technical resource for Information Security team members. Senior IT Security Threat Analysts may be the single point of contact and coordination for third-party incident response teams and law enforcement agencies if the environment is breached.

Accountabilities will include but are not limited to:

  • Conducting security risk assessments, evaluating security services, threat technologies, and documenting necessary Threat Operations policies and procedures for security monitoring. Specific focus will be on Web Applications and Application Programming Interfaces (APIs) leveraging Open Authorization (OAuth), ForgeRock Directory Services, ForgeRock Access Management, Symantec Siteminder, IBM DataPower and IBM API Connect gateways.
  • Integrating new interoperable application capabilities with the Threat Operations SIEM as needed for security logging and monitoring of cloud systems and hosted applications using Splunk Enterprise Security.
  • Creating actionable alerts in Splunk based on received capability and API infrastructure log events, and producing metric reports on the cloud security posture.
  • Training Threat Operations analysts on integrated web application security and supporting cyber event management processes.
  • Recommending security standards and cyber response configurations for interoperable / integrated Web Application gateways and support platforms for service (e.g., web identity management, OAuth, JSON Web Tokenization, SOAP and RESTful web services, etc.).
  • Working familiarity with National Institute of Standards and Technology (NIST) Publications 800-53 “Security and Privacy Controls for Information Systems and Organizations” and 800-95 “Guide to Secure Web Services”, as well as Health Level Seven International (HL7) Fast Healthcare Interoperability Resources (FHIR) standards.

Essential Functions

  • Independently, proactively and automatically correlates and analyzes threat data from various sources and analyzes network events to establish the identity and modus operandi of malicious users active in the computing environment or posing potential threats to the computing environment. Provides guidance and assistance to junior members of the team
  • Independently conducts industry research and technical evaluation of all-source and vendor-supplied intelligence, with specific emphasis on network operations and advanced and sophisticated cyber tactics, techniques, and procedures
  • Subject matter expert in the detection and identification of cyberattack signatures, tactics, techniques and procedures associated with advanced threats
  • Leads assessments and development of cyber threat profiles of current events based on collection, research and analysis of open-source information
  • Leads root cause analysis of any monitoring alerts and threats identified by the third-party vendor, internal systems or the workforce. Once the root cause is determined, proposes and leads cross-departmental efforts, if required, to implement appropriate security controls and solutions that will mitigate risk and vulnerabilities, as well as safeguard our systems and data
  • Independently and proactively prepares detailed technical papers, presentations, recommendations, and findings for Management and other Technology Leaders
  • Develops and maintains documentation for security monitoring procedures and security diagrams
  • Leads the development of proposed design, configuration, and implementation of security monitoring architecture
  • Serve as a subject matter expert for team members, specializing in network security monitoring, host analysis, and log analysis
  • Creates and leads initiatives to improve security monitoring operations center processes
  • Leads improvement discussions with the third-party vendor regarding security monitoring functions
  • Proactively identifies company-wide program opportunities and works to implement solutions. Guides the direction of the overall information security monitoring and threat analysis program

Required Work Experience

  • 6+ years of direct IT security work experience. Specific expert-level technical experience may be substituted
  • 3 years’ experience in threat modeling, hunting and analysis
  • 3 years’ experience in cyber event management and incident response
  • Experience with Cyber Offensive Security including Breach Attack Simulations
  • Experience with Agile and Waterfall SDLC methodologies

Preferred Qualifications

  • Experience with single sign-on and IAM solutions.
  • Experience working with web technologies and their logging facilities.
  • Experience with API gateway security.
  • Experience with security monitoring and logging.
  • ForgeRock experience a plus.
  • SiteMinder experience a plus.
  • ISC2 Certified Information Systems Security Professional (CISSP)
  • EC-Council Certified Ethical Hacker (C|EH)

Required Education
Related Bachelor’s degree or demonstrated equivalent professional work experience

How to Apply

For immediate consideration, please send your resume directly to John Burke at You can view all of our open positions at

Job Categories: Equal Opportunities. Job Types: Temporary. Salaries: 100,000 and above.
