Information Security Analyst + Are you a tech enthusiast who loves solving complex problems? + Do you have a keen eye for detail and excellent analytical skills? + Would your friends describe you as a self-starter who takes pride in your work and enjoys collaborating with others? If so, we have an exciting opportunity for you at The Greentree Group! WHO WE ARE The Greentree Group is a dynamic, innovative, and thriving company that specializes in delivering advanced technology solutions to federal, state, and commercial clients. With a team of highly skilled professionals, we provide cutting-edge services and are always pushing the boundaries of what’s possible. What sets us apart is our commitment to excellence and our passion for the work we do. At The Greentree Group, we are driven by a shared sense of purpose and a desire to make a difference in the lives of people around us. Whether it's helping our clients achieve their goals, developing innovative solutions to complex problems, or giving back to the community, we are dedicated to making a positive impact. We also believe in investing in our people and providing them with opportunities for growth, development, and advancement. We offer a dynamic and supportive work environment, a culture of continuous learning, and a wide range of benefits and perks that promote work-life balance and personal well-being. Whether you're a seasoned expert or just starting out in your career, if you're passionate about technology, committed to excellence, and eager to take on new challenges, we want to hear from you! ABOUT THE OPPORTUNITY As a potential Information Security Analyst, you will have the opportunity to collaborate with a talented team of professionals in support of a client in the Tallahassee, FL area. The ideal candidate will have a strong background in cybersecurity, with expertise in securing IT systems during large-scale modernization projects. This potential role requires hands-on experience in technical analysis, system design, testing, and implementation while ensuring the highest level of security across all IT systems. If you're passionate about protecting sensitive data and mitigating security risks, join us and be part of our mission to make a difference! SOME RESPONSIBILITIES INCLUDE BUT ARE NOT LIMITED TO: + Perform in-depth security analysis for large-scale IT system modernization projects, ensuring that security is integrated from the early stages of design and development through implementation and maintenance. + Conduct vulnerability assessments, risk assessments, and security audits to identify potential security threats and recommend mitigation strategies. + Develop and implement security architectures, frameworks, and solutions that adhere to industry best practices. + Design and configure secure IT infrastructures, ensuring strong defense against cyber threats, and ensuring compliance with regulations and standards. + Collaborate with cross-functional teams to perform system testing, security testing, and load testing to evaluate the performance, scalability, and resilience of new IT systems and applications. + Identify security flaws, evaluate system weaknesses, and provide recommendations to address security risks and vulnerabilities. + Actively monitor, detect, and respond to security incidents or breaches. + Investigate security violations, gather evidence, and report incidents in compliance with the organization's security policies and procedures. + Provide detailed documentation for security configurations, incident reports, and risk assessments. + Produce regular reports for management and stakeholders detailing security risks, solutions, and actions taken to mitigate those risks. + Stay up-to-date with emerging cybersecurity threats, technologies, and trends. + Suggest improvements to security practices, tools, and infrastructure based on current and future needs. MINIMUM QUALIFICATIONS: + Bachelor’s degree in Computer Science (CS), Information Systems (IS), Business Administration (BA), or a related field. + 3+ years of experience in technical analysis, focusing on large-scale IT system modernization projects. + 3+ years of experience in the design, development, system testing, load testing, and implementation of IT systems, with a focus on security. + Extensive experience in information security (e.g., data protection, network security, application security). + Proficiency in security technologies and tools such as firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), and endpoint security. + Knowledge of network protocols (e.g., TCP/IP, DNS, HTTP/S, etc.) and security concepts such as encryption, authentication, and access control. + Familiarity with cloud security practices and technologies, particularly for AWS, Azure, or Google Cloud environments. + Experience with vulnerability scanning tools (e.g., Nessus, Qualys), penetration testing, and risk management frameworks. + Understanding of SIEM (Security Information and Event Management) tools for real-time monitoring and alerting. + Candidates must be U.S. Citizens. DESIRED QUALIFICATIONS: + Government Experience (Federal/State/Local) + An understanding of the NIST framework helps to align the organization's cybersecurity strategy with industry-recognized best practices. + ISO/IEC 27001: Certification or knowledge of this standard is helpful for organizations focusing on establishing an Information Security Management System (ISMS). + CIS Critical Security Controls: Familiarity with these controls can improve an organization's defense-in-depth strategy. + Certifications: + Certified Information Systems Security Professional (CISSP). + Certified Information Security Manager (CISM). + Certified Ethical Hacker (CEH). + CompTIA Security+ or CompTIA Cybersecurity Analyst (CySA+). + Certified Cloud Security Professional (CCSP) for cloud security expertise. + Certified in Risk and Information Systems Control (CRISC). + ITIL Foundation Certification. + Scripting Skills (e.g., Python, PowerShell, Bash): Assisting to automate security tasks like log analysis, incident response, and system patching, improving efficiency + Security Orchestration and Automation (SOAR) tools: Familiarity with tools like Palo Alto Networks Cortex XSOAR or Splunk Phantom can make a security analyst more effective in automating repetitive tasks and speeding up incident response. + Experience in actively searching for vulnerabilities, breaches, or unusual activity, rather than just responding to incidents. This includes understanding attack patterns, tactics, techniques, and procedures (TTPs). + Familiarity with platforms like ThreatConnect or Anomali for gathering and analyzing threat intelligence to preempt security breaches. We believe in fostering a positive, inclusive culture that values diversity, teamwork, and personal growth. With opportunities for advancement and a supportive community of colleagues, The Greentree Group is the perfect place to build your career. Learn more about us at www.greentreegroup.com. Please note that this role may require a National Agency Check (NAC) and/or background check, and relocation assistance is not available at this time. Greentree is an Equal Opportunity Employer and does not discriminate based on race, color, religion, sex, national origin, age, sexual orientation, gender identity, genetic information, or status as a qualified individual with a disability or protected veteran. Compensation / Salary Range: Greentree adheres to federal, state, and local regulations. This is a Full-Time, Salary, Exempt position. The salary range is what we reasonably expect to pay but is contingent and subject to a variety of factors, including but not limited to years of experience, education, certification(s), training, specialized skills, responsibilities, etc. Bonuses: Greentree has an employee referral bonus, as well as employee bonuses based on employee contributions and Greentree’s yearly performance. Top Benefits Core Benefits 100% paid by Greentree: Employee Medical Premium on the High Deductible Health Plan (HDHP), Basic Life Insurance and AD&D, Short-Term Disability (STD), Long-Term Disability (LTD), Health Reimbursement Account (HRA), 401(k) Match, Job-Related Certifications, and Training Programs Elected Benefits: Medical, Dental, Vision, HSA, FSA, Voluntary Term Life, 401(k) (Roth and Pretax available) Time Off: PTO, Flexible Schedules, Holidays and Paid Parental Leave: Work-life balance is important – we all enjoy some time off for rest and relaxation! Employees receive a very generous amount of PTO which is granted on start date, plus the ability for quick escalation to the next tier. Flexible/hybrid working schedules and 11 paid holidays, in addition to paid parental leave round out the work-life balance benefits. Paid Training and Development: We encourage and support ongoing employee learning and development, consistent with needs of the company, its clients, and markets. Greentree is committed to paying the cost for job-related certifications and/or training programs. In conjunction with management/employee communication and discussions regarding performance and goals, employees are expected to seek out and pursue development opportunities to meet emerging organizational skill requirements in combination with their own personal growth needs. Greentree also makes job-related tuition reimbursement contributions for those in higher-level education programs.