Information Security Analyst
Job Details
Connecticut - Wilton, CT
Full Time
4 Year Degree
Information Technology

Due to our market leadership in professional consulting, Kraft Kennedy’s Managed Security Service Provider (MSSP)practice group is experiencing rapid growth. Our Security Operations Center (SOC) provides the base of operations for assisting firms with end to end consulting, testing, monitoring, management, support and response to their security needs.

We are looking for a passionate Security Analyst with experience in information security and technology to take a triage specialist role in our growing MSSP within the SOC, to review and address client security issues. Additional responsibilities would include reviewing client security needs and recommending solutions consistent with the Kraft Kennedy SOC.

The successful candidate must be an individual who understands business operations, information technology, and security. This individual must have demonstrated hands-on experience with information security testing and consulting. High-level communication skills are essential to successfully translate technology and security requirements into business terms. Strong client service skills are necessary for interacting with various levels of internal IT staff as well as corporate leadership.

  • Maintain working knowledge of cyber threat actor tactics and techniques
  • Research, identify and understand new threats
  • Review client issue and take steps to remediate security threat
  • Conduct security audits and risk assessments with commercial tools and techniques
  • Report and present findings to team and clients
  • Excel as a self-motivated individual who can work on their own as well as integrated with a team in a variety of situations
  • 1+ years of IT security review and remediation for internal or external client 
  • Experience in several IT disciplines may provide a solid framework for this position but must have hands-on experience using security monitoring tools, running vulnerability scans, and reviewing vulnerability assessment reports
  • Familiarity and knowledge of security frameworks (NIST CSF, CIS, ISO)
  • Strong hands-on skills and knowledge of the Windows client/server architecture
  • Strong networking knowledge with a focus on security
  • Programming skill (Python, Ruby, PHP, C, C#, Java, and Perl) desired
  • Security Certifications (CISSP, GCIA GCIH, GCFA or GCFE)
  • Familiarity with incident handling techniques and processes desired
  • Must possess strong verbal and written skills
  • Law firm experience is a definite plus!