This site uses cookies. To find out more, see our Cookies Policy

Senior Information Security Analyst in Mount Laurel, NJ at ARI

Date Posted: 2/1/2019

Job Snapshot

Job Description

Job Posting - External

ARI, part of the Holman Automotive Group and headquartered in Mt. Laurel, N.J., is a billion-dollar global vehicle fleet leasing and management company that prides itself on providing exceptional service. A recognized leader in the industry and the largest fleet management company in North America. Ranked #24 on FORTUNE magazine’s 100 “Best Places to Work” and #17 on Computerworld’s Best Places to Work in IT. ARI has more than 65 years of experience offering its employees a place where their careers and personal development can thrive.

ARI is currently accepting resumes for the position of Senior Information Security Analyst.

Job Purpose:

Provides operational security services and supports information security practices across Holman Enterprise’s global environment.  This includes collaborating with both technology and business areas to develop, implement, maintain and adapt data security practices necessary for protecting the business. 

Essential Functions:

  • Perform vulnerability assessments and reviews; facilitating remediation planning, exposure tracking, communicating risk, and reporting on mitigation status
  • Take part in developing and performing security control assessments for common platforms
  • Facilitate Incident Response activities as a Subject Matter Expert through the Incident Response life-cycle
  • Participate in the administration of security implementations (EPP/EDR, IPS/IDS, SIEM, etc.)
  • Support the ongoing administration, design and use of the Security Information & Event Monitoring platform, ensuring audit trails, system logs and other monitoring data is reviewed and actionable.
  • Apply or recommend adaptive security measures based on investigative findings and threat monitoring
  • Participate in and coordinates application security reviews, working with third party assessors and application owners to identify and remediate findings
  • Performs investigations into user reported threats such as phishing or machine compromise
  • Advise management on best practices, current trends, and pertinent changes in internal/external threats and opportunities for improvement. Presents action plans for implementation and approval
  • Perform threat hunting based on Tactics, Techniques and Procedures (TTPs) and threat reporting from information sharing organizations (US-CERT, FS-ISAC, etc.)
  • Provide technical expertise to support vendor and project reviews.

Skills:

  • Motivated self-starter with the ability to work independently and in a team environment
  • Strong verbal and written communication skills. Must have the ability to communicate security issues to both technical and non-technical audiences
  • Ability to develop and maintain strong relationships at all levels within the organization.

Technical Skills:

  • Advanced understanding of Vulnerability Management tools and life-cycles
  • Advanced understanding of Microsoft and Linux Operating Systems
  • Advanced understanding of Microsoft Active Directory
  • Advanced understanding of TCP/IP Networking and HTTP
  • Advanced understanding of Microsoft Event Logging, Syslog, CEF and other logging technologies
  • Experience with Private Key Infrastructure and Cryptography
  • Experience with Microsoft PowerShell, Python, Bash a plus
  • Experience with identity management systems and services a plus
  • Experience with Security Information & Event Management (SIEM) systems a plus
  • Experience with Application Security Testing frameworks (OWASP, OSSTMM, etc.) a plus
  • Experience with Offensive security tools a plus (Kali, Metasploit, Empire, Bloodhound, etc.)

Other Requirements:

  • 5-7 years of combined Information Security and Technical Administration experience
  • Bachelor’s degree in Computer Science, Information Systems or another related field
  • Security Certifications such as GIAC/CISSP/CISA/CISM are desirable