IT Security Staffing Agency
Tier2Tek IT Staffing and Recruitment Agency provides solutions for IT Security staffing. The IT Security Analyst develops, maintains, and evaluates the organization’s IT security initiatives. The analyst ensures that programs, policies, and procedures achieve the stated security goals of the organization through proactive management and analysis of security activity.
For Experienced IT Security Staffing
Tier2Tek Staffing Agency has years of experience in staffing IT roles such as IT Security Specialists. We take time to ensure that our candidates are professional, experienced, and have the capabilities to perform the job thoroughly. We interview all our candidates before we send them to our clients. Our IT recruiters will find the ideal fit for your staff augmentation needs.
What Does an IT Security Specialist Do?
The IT Security Analyst is responsible for identifying risks relating to information security, compliance, business continuity planning, incident response, and vendor risk management. Once identified, they advise senior management of the risks.
They proactively collaborate with other departments to identify and manage security vulnerabilities. Additionally, they stay current on the latest security threat trends. They perform current state risk assessments on an appropriate cycle to validate the security of all corporate information and systems
Finally, they develop and test incident response plans to ensure the preservation of evidence. They champion awareness campaigns to educate the organization on best security practices.
According to GlassDoor, the average salary for an IT Security Analyst is $92,181 a year.
Sample IT Security Job Description for Staffing
The Information Security Engineer/Consultant is an expert on information security and developing defensive security systems practices.
- Multiple years of experience working in Information Security
- Responsible for complete Information Security Program design and implementation.
- Experienced in providing organizations with consulting services around Information Security Process Improvement, security governance best practices, and regulatory compliance gap–analysis remediation.
- Responsible for conducting application security point testing, architecture configuration reviews, and complete Enterprise Security Assessment services
Sample Information Security Architect Job Description for Staffing
The Information Security Architect is an expert in analyzing IT systems for software security with regard to analyzing risks and implementing defensive solutions. The Information Security Architect conducts vulnerability scans, implements, monitors, and maintains network IDS/ IPS devices, firewall, router ACL management, audit log monitoring, and general information security product deployment.
- Experience conducting enterprise-wide network security solutions (architecture and engineering, well-versed in deploying PKI, routers, firewalls, and patch management).
- Working knowledge of commercial and open-source security tools (Saint, Nessus, Canvas).
- Experience working with wireless security tools and technology.
- Has 5 or more years of experience with the implementation of security solutions, patch management techniques, and processes, risk management and mitigation, identity management, firewalls, and intrusion detection.
- Experienced in providing organizations with consulting services around Information Security Process Improvement, security governance best- practices, and regulatory compliance gap–analysis remediation.
- Responsible for conducting application security point testing, architecture configuration reviews, and complete Enterprise Security Assessment services.
- Strong knowledge and experience in security auditing processes and techniques.
- Solid understanding of O/S security weaknesses, vulnerabilities, and remediation.
- Understands and resolves complex security issues with confidence.
- Has working knowledge of Firewall and router configuration; switches, secure network, architect, VPNs.
- Working knowledge of the ISO 270001 ISMS.
- CISSP/CEH/CISM/PCI-QSA certified.
Sample Identity Management Architect Job Description for Staffing
The Identity Management (IDM) Architect will serve as a technical subject matter specialist responsible for the design and implementation of the company’s identity and access management solution. The position will assist in the management of IDM standards for the organization’s overall application integration, middleware interfaces, and security architecture. They will design system modules that integrate company-wide platforms to minimize account and access management costs.
- 5+ years of experience with high-level design, architecture, configuration, and installation of IDM solutions and designing the “Identity Management Solutions” with high availability and load-balancing across all identity management components.
- LDAP technologies.
- Experience conducting load testing, company testing, and performance tuning.
- Single-Sign-On (SSO).
- Experience with Internet Directory and Access Management.
Sample Identity Management Developer Job Description for Staffing
- Has 3-5 years of experience designing and developing OIM and Access Manager triggers, and scripts.
- Demonstrates advanced understanding of business processes, internal control risk management, IT controls, and related standards.
- Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.
- Understands complex business and information technology management processes
- Execute advanced services and supervise staff in delivering basic services.
- Assist in the selection and tailoring of approaches, methods, and tools to support service offerings or enterprise projects.
Sample Identity Specialist Job Description for Staffing
- Experience with SailPoint HQL programming.
- Data Security.
- Experience with assessing and implementing access control procedures and processes.
- Microsoft Windows AD and LDAP.
Common Certifications for IT Security Analysts
Certified Information Systems Security Professional (CISSP)
The CISSP certification is often considered the main pillar achievement of IT Security professionals due to its overarching nature. Provided by the International Information Systems Security Certification Consortium (ISC), the certification is the result of a 6-hour test that covers all basics of security analysis. The main topics are disaster recovery planning, physical security, operations, security, management practices, telecommunications, and networking security.
CompTIA Security+ (SY0-601)
We speak of CompTIA often because they are the industry standard for all certifications. Basically, they provide entry-level certifications for all tech-related roles. It’s common to see them as a requirement for job applications, especially those within cyber security. Henceforth, the Security+ certification covers the 5 basics of security: Attacks, threats, and vulnerabilities, architecture and design, implementation, operations and incident response, governance, risk, and compliance.
ISACA Certified Information Security Manager (CISM)
As a higher-level certification, the CISM covers the advanced techniques of managing a cybersecurity team and network, forgoing the basic system aspects of the aforementioned certifications. Therefore, the test involves proving that you have the ability to manage a team during a cyber attack, oversee various issues and troubleshoot, and understand overall risk management. It proves that the candidate is not only an expert on cyber security but an expert on leadership.
Common Skills for IT Security Analysts
The ability that all cybersecurity professionals must hold in spades. Simply put, an IT security job will require immediate and emergent response when and if a problem arises. Therefore, the analyst candidate must be a specialist in incident response. How well can they work under pressure? How do they handle high-stress situations? These are crucial attributes for anyone in the field.
Experience in Windows
We note Windows expertise in almost every IT job, and there’s a valid reason for that. Basically, the operating system and software juggernaut continues to be the main staple of technology. Chances are, the security analyst will be working with a Microsoft network or platform. Therefore, they should be masterful with all of the company’s technology.
This can go for other operating systems, too. If your company works specifically with Linux, the candidate should be an expert on it.
Though analytical skills are the obvious need of IT security analysts (duh), a base level of leadership will always be a bonus. More than likely, the analyst will be implementing and communicating their research to the cybersecurity team, helping lead and champion new implementations. Therefore, the candidate should have great leadership and managerial skills (i.e. the aforementioned CISM certification).
Other Parallel Careers and Jobs
While the analyst oversees how well the security measures work, the engineer creates them. They work in tandem to create the best-possible security for the company.
A Cybersecurity Engineer sets up the best possible security for a company’s computer and network systems. This security is used to protect all company data and information from unwanted eyes. They will also protect the company from losing money or revenue due to hackers or ransomware threats. They are able to identify these threats and stop them before they happen.
Like a Cybersecurity Engineer, the F5 Engineer helps to create and implement cybersecurity measures. The difference is the platform, for F5 engineers work with applications.
The F5 Security Engineer is a specialist in all things F5 software. Henceforth, they can work to implement F5 WAF into your applications, monitor it and be available for security measures if a cyberattack occurs. They are the backbone of the cybersecurity team for a company that uses F5’s WAF and can design and install the firewall onto any correlating applications.
While the IT Security Analyst oversees a company’s cybersecurity, the Governance Analyst oversees the security of data.
Ultimately, the Information Governance Analyst supports and maintains the storage of physical and electronic data. Secondly, they administer the data’s mobility process. They are also responsible for working with a company to employ a strategic plan that relates to the management of client information. Furthermore, this plan may involve the organization of outbound and inbound information and the efficient application of established retention practices in accordance with the company’s policy.