Senior Information Security Analyst
Montrose Environmental Group Inc.

ABOUT YOU

Are you passionate about joining an inclusive work environment, committed to leading new ideas and pathways, and to delivering value? If the answer is, "Yes!" then we have an exciting career opportunity for you based in Orange County, California. Who are we? We are Montrose, a leading environmental services company with 2,800 employees across 80 locations worldwide, focused on supporting clients as they deal with the environmental challenges of today, and prepare for what's coming tomorrow.

The Senior Information Security Analyst will be responsible for Confidentiality, Integrity and Availability of Montrose Environmental data and systems. This will be accomplished utilizing Governance, Risk and Compliance frameworks techniques and procedures to defend our company from cyber threats. You'll need at least 6 years of experience in Cybersecurity and welcome the opportunity to make an impact from day one.The salary range for this role is $120k - $140k, and is hybrid from the Santa Ana, CA office.

We have expanded into Canada, Australia and Europe (Sweden and Germany) so multi-national experience, or the interest to gain that experience, is highly preferred.

WHAT WE CAN OFFER YOU

Our Mission is: To help protect the air we breathe, the water we drink, and the soil that feeds us, and is supported by our Principles: We Value Our People, We Value Our Community, We Value Our Clients, We Value Our Shareholders. We care for the well-being of our people and offer:

• Competitive compensation packages
  
• Industry leading benefits packages, including company paid life and disability insurance
  
• Paid parental leave benefits
  
• Progressive vacation policies and company holidays including floating holidays to meet the diverse needs of our people
  
• 401(k) plan and competitive match offered
  
• A financial assistance program to help support peers in need
  
• An educational reimbursement program
  
• Access to best rates in the industry to bring your student loan debt down to size
  

A DAY IN THE LIFE

As a key member of the Information Security team, this role will be responsible for a full range of activities including:

• Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat conditions and determine which security issues may have an impact on the enterprise.
  
• Collaborate with other team members to implement CMMC Level 2, NIST 800-171, and ISO 27001
  
• Perform cyber defense trend analysis and reporting
  
• Review existing on-prem and cloud architecture and provides recommendations to enhance security and reliability
  
• Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies.
  
• Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
  
• Administering and helping support various Information Security management programs and initiatives related to computer security, policy and procedures, awareness training, audit coordination, legal matters, legislation and regulatory compliance
  
• Continually research the latest information technology (IT) security trends and implement strategies to mitigate or manage associated risk.
  
• Execution of a Vulnerability Analysis and Resolution Strategy Develop SIEM content in partnership with Security leadership to identify threats unique to the MEG environment
  
• Participate in focused training and exercise sessions as needed. These sessions include incident response, forensics and inter-departmental incident response.
  

NECESSARY QUALIFICATIONS

To perform this job successfully, individuals must be able to perform each duty and responsibility satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.

Required Qualifications:

• 4+ years of experience with enterprise-level vulnerability management
  
• 2+ years of experience working with SIEM, SOAR, Microsoft Active Directory with SIEM use-cases, including build out of custom SIEM/SOAR alerts and playbooks
  
• Hands-on experience with FortiSIEM, FortiManager, FortiAnalyzer, FortiSOAR, FortiNAC (or similar)
  
• Deep Knowledge of Intrusion Detection
  
• Ability to work closely with IT, Audit and legal counsel for security initiatives
  
• Excellent knowledge of TCP/IP, including packet-level traffic analysis with tools such as WireShark
  
• Experience in cloud security
  
• Scripting and automation experience
  
• Must be a U.S. citizen or national, U.S. permanent resident (current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum"
  

Preferred Qualifications:

• Experience with ITIL framework and change management
  
• Certification in one of the following GICSP, GCLD, GCPN, CND, SSCP, CCSP, OSCP, GCDA, GCWN
  
• Experience with Installation, configuration, maintenance of information security tools.
  
• Network administration, Working knowledge of Firewalls, Routers, TCP/IP, DNS, Email routing and DLP, Coding / Scripting experience (Python, PowerShell, etc.)
  
• Knowledge of incident categories, incident responses, and timelines for responses
  
• Experience with NIST CSF design and implementation
  
• Experience with Nessus, Wireshark, NMAP, ConnectWise, SharePoint, Google Suit, Microsoft O365
  

The above statements are intended to describe the general nature of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties and skills required of employees so classified. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact 949-988-3500 or careers@montrose-env.com for assistance.

Vaccination against Covid-19 is strongly preferred. All employees will be subject to policies and procedures of the Company that may be dependent on vaccination status.

MAKE THE MOVE

From comprehensive air measurement and laboratory services to regulatory compliance, emergency response, permitting, engineering, and remediation, Montrose delivers innovative and practical design, engineering and operational solutions that keep its clients on top of their immediate needs - and well ahead of the strategic curve.We are a fast-paced and dynamic team. At Montrose, you are your own boss, but you will get tons of guidance and plenty of support from talented, super-smart colleagues. Therefore, if freedom, autonomy, head-scratching professional challenges attract you, we'd love to speak with you.

Want to know more about us? Visit montrose-env.com and have fun!

Montrose is an Equal Opportunity Employer. Montrose is committed to recruiting and hiring qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status. Montrose is committed to providing access and reasonable accommodation in its employment for individuals with disabilities.

This job has expired.