Proficio is an award-winning managed detection and response (MDR) services provider. We provide 24/7 security monitoring, investigation, alerting and response services to organizations in healthcare, financial services, manufacturing, retail and other industries. Take a video tour of our global network of 24/7 Security Operations Centers (SOCs).
Proficio has been highlighted in Gartner’s Market Guide for Managed Detection and Response Services for the last five consecutive years. MSSP Alert ranks Proficio among the top 250 global Managed Security Services Providers (MSSPs).
We have a track record of innovation. Proficio invented the concept of SOC-as-a-Service. We were the first MSSP to provide automated response services and are the only company in our space with a patent for cyber risk scoring and security posture gap analysis.
Our typical client is a medium to large-sized organization that lacks the in-house resources to address the challenges of a rapidly changing threat landscape. The difficulty of hiring and retaining cybersecurity professionals are widely understood. Our prospective clients are also challenged to effectively harness technology and build hardened processes that reduce the risk of security breaches.
While Proficio has developed a unified service delivery platform designed to meet the needs of the most demanding clients, what sets us apart is the quality and passion of our people. We believe the SOC of the Future will meld the creativity of human intelligence with the power of advanced technologies like AI.
Proficio’s commitment to developing and promoting our team members is unparalleled in our industry. Most of our senior managers were promoted from within.
Summary:
The Offsite Security Analysts are a key component of our SOC-as-a-Service operations. They are on the front line receiving and triaging alerts from our clients who require dedicated support. Our Security Analysts have strong network and security knowledge, are strong problem solvers, and work under time pressure to quickly analyze and report security threats in our client’s networks.
The Offsite Security Analyst will be reporting to the Offsite Lead, he/she will be working closely with the client’s cybersecurity threat operation management team.
- Perform the security tasks for PCIDSS Compliance and other Aspire Lifestyles-related compliance required for internal and external audits (ISO27001, SOC2 Type II, etc.) and ensure successful completion.
- Provide technical consultation and support on the resolution of the findings on the security tests done.
- Assist compliance officers/managers in preparing and timely submission of security evidence for audits (remote and onsite) and ensure timely and successful closure of assessments.
- Provide security support for client assurance (evidence, questionnaire and audits).
- Perform or coordinate PCI DSS scans and penetration tests including tracking of findings remediation, required for PCI DSS Compliance on Aspire in scope components and coordinate with systems, network, local IT, applications and relevant departments on timely resolution of findings.
- Application vulnerability scans – Perform or coordinate dynamic security scan of internal and external web applications. The tests to be of the following types:
a. Dynamic Web Application Scans
b. Patch Management - Coordinate and maintain patch tracking for servers/devices in scope for PCI DSS and ISO27001
c. Vulnerability tracking - Track and follow-up with Stakeholders to fix the reported vulnerabilities and share Dashboard with Compliance team on monthly basis
e. Highlight and report deviations on the activities or high-risk audit areas. - Perform or coordinate internal vulnerability assessments required to manage PCIDSS compliance on networks, systems and security related systems. The tests to be of the following types:
a. Configuration Scan,
b. Patch Scan, and
c. Vulnerability Scan - Operate an effective Log Management, Host Based Intrusion Detection System across geographies and support the incident management and change management work and maintain PCIDSS compliance, SOC 2 Type II Compliance and ISO 27001 Compliance.
- Maintain compliance tracks and ensure HIPS system, compliance system, etc. are maintained up to date for certifications (PCIDSS, SOC 2 Type II, ISO/IEC 27001 Certification audits).
- Perform troubleshooting on SIEM, FIM and HIPS products and seek support from AV support team by creating and following up on tickets.
- Ensure the SIEM, HIPS, FIM, MSS and other technologies implemented for PCIDSS compliance runs optimally with no negative impact on systems.
- Prepare reports from the technical (SIEM, MSS, HIPS, FIM) and non-technical systems (excel reports) the support the client audit requests, PCIDSS audits, ISO27001 audits, SOC 2 Type II etc. and maintain the dashboards.
- Firewall Review - Perform Firewall review using automated tools and maintain PCI DSS requirement.
- Access review - Perform periodic access reviews of security solutions.
- Configuration review of Security devices - Periodic review of security devices as per MSS guidelines
- Segmentation testing - Perform or coordinate segmentation test for the PCI in scope systems.
- Any other delegated tasks reasonably considered to be within the scope of the post and as agreed with managers.
- At least 2+ years of working experience in a cybersecurity function such as Cyber Security Operations, Incident Response, Forensic Investigation, Threat Intelligence or Vulnerability Management. Work with SIEM technologies receiving and triaging alerts from various log sources preferred.
- Network security or IT certifications are advantageous.
- Knowledge of network concepts, network protocols, and network security methodologies.
- Knowledge of network technologies in one or more areas such as perimeter firewalls, demilitarized network zones (DMZ), encryption, encoding, network virtualization or wireless networks.
- Knowledge of enterprise IT networks, cybersecurity threats and vulnerabilities at the network layer.
- Knowledge of network traffic analysis methods such as packet analysis and analyzing network flow data.
- Continuous learner who has a passion for defensive cybersecurity; ability to utilize resources at your disposal in an efficient manner; advanced problem-solving skills when encountering emerging security attack scenarios
- Demonstrated communication skills including written documentation of troubleshooting and required responses
- Proven ability to work in a fast-paced environment with strict SLAs for response time
- Opportunity to work in a progressive organization with structured training and roadmap for success
- Lunches and fun employee activities!
- Experience in one of the hottest IT industries today
Proficio is an EOE employer.