About the Role

Responsibilities

• Review and analyze the security posture of insureds or potential insureds quickly and efficiently
• Evaluate customer security programs, technologies, controls, and business environments; recommend and develop enhancements
• Triage security incidents and claims, understand the root cause, and develop detection tradecraft from threat intelligence
• Build security automation tooling to rapidly integrate optimizations into our underwriting system
• Assist with developing Information Security Plans and Policies, including those for Incident Response, customized to customer requirements and risk profile
• Provide recommendations on solutions to help customers manage information security risk
• Track emerging security practices and contribute to building internal processes, and our various products
• Stay abreast of the current regulatory environment, industry trends and related implications

Skills and Qualifications

• Minimum of 2-4 years of security analysis or penetration testing experience
• Demonstrated expert understanding of the life cycle of network threats, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures
• Knowledge of TCP/IP Protocols, network analysis and network/security applications, including log and network traffic capture analysis
• Experience with Nmap, Nessus, Nexpose, Qualys, Burp, Kali, Metasploit, Meterpreter or other offensive tools
• Knowledge of industry standard frameworks – NIST, ISO, HIPAA, PCI
• Self-motivated with an entrepreneurial spirit and comfortable working in a fast-paced, dynamic environment
• Strong interpersonal communication skills (verbal & written)
• Aptitude to learn technical concepts/terms and ability to manage multiple tasks/projects simultaneously
• Bachelor’s Degree in Computer Science, Information Security, Engineering or equivalent work experience

Bonus Points

• Securing cloud based platforms (Microsoft Azure, Amazon AWS, etc.) - experience with system hardening procedures for Windows, Linux and Unix is helpful
• Knowledge or experience with EnCase, FTK, SIFT, Volatility, Splunk, Graylog, ELK/Logstash, WireShark, Zeek, or other open source forensic/log analysis/network analysis tools
• Knowledge of programming and scripting for development of security tools and industry frameworks is helpful
• SCADA / Control systems network experience a plus

Perks

• 100% medical, dental and vision coverage
• Flexible PTO policy
• Annual home office stipend and WeWork access
• Mental & physical health wellness programs (One Medical, Headspace, Gympass, and more)!
• Competitive compensation and opportunity for advancement
• Our compensation reflects the cost of labor across several US geographic markets. The US base salary for this position ranges from $79,000/year in our lowest geographic market up to $115,000/year in our highest geographic market. Consistent with applicable laws, an employee's pay within this range is based on a number of factors, which include but are not limited to relevant education, skills, job-related knowledge, qualifications, work experience, credentials, and/or geographic location. Your recruiter can share more on target salary for your location during the interview process. Coalition, Inc. reserves the right to modify this range as needed.

#LI-Remote