ITSIS is seeking to fill the position of Senior IT Assistant, Security, Risk and Compliance. The successful candidate will partner with other security professionals to develop AI applications and automation playbooks supporting security operations team.
Responsibilities:
Plan and execute the implementation of threat management solutions using a data driven and Agile approach.
Continuously identify and implement necessary tools and infrastructure to support and enhance the threat management program. Develop scripts, tools, and methodologies to strengthen security operation.
Develop and build applications and APIs using Python, Power Platform, SharePoint Online and Data Modeling capabilities using Dataverse following Agile principles.
Employ Python for backend and use technologies like HTML, CSS, JavaScript for front-end to build scalable web applications. Ensure seamless integration and user experience.
•Design and manage Azure cloud infrastructure, focusing on deploying scalable applications and services. Optimize cloud resources for security, performance, and cost.
Utilize OpenAI's GPT models via Azure, including fine-tuning, deploying, and scaling.
Integrate AI/ML models using OpenAI and other AI frameworks into applications. Apply machine learning algorithms to enhance application intelligence and functionality.
Create RESTful APIs with Python and integrate third-party APIs. Ensure the APIs are secure, efficient, and scalable.
Design, implement, and manage SQL and NoSQL databases. Focus on data integrity, performance optimization, and security.
Build and maintain applications using Power platform, automate using power automate, perform data modeling using Dataverse, build dashboards and reports using Power BI.
Implement security best practices and protocols to protect data and comply with regulations. Use tools and methodologies to secure applications and data.
Maintain code quality with reviews, testing, and documentation. Use version control (e.g., Git) and document development processes for maintainability.
Keep up to date with the latest in software development, cloud technologies, and AI. Innovate and apply new technologies to improve application performance and user experience.
Continuously research, explore, and document newly onboarded enterprise technologies and data sources to identify new artifacts and analytical methodologies that can be leveraged to detect cyber threats.
Leverage operational results to identify, communicate, and mitigate identified threats as well as implement knowledge sharing across various teams.
Identify process and resiliency improvement areas; propose changes.
Bring an applied understanding of relevant and emerging technologies, begin to identify opportunities to provide input to the team and coach others, and embed learning and innovation in the day-to-day.
Perform other duties as assigned.
Requirements:
Bachelor's degree in computer science, information technology, systems engineering, or a related field.
Direct experience working with large datasets and log analysis tools including but not limited to: SIEM, EDR, Python, PowerShell, etc.
Demonstrable knowledge of large enterprise environments, network protocols, network devices, operating systems (Windows, macOS, Linux, etc.), and cloud environments.
Experience using Splunk’s Search Processing Language (SPL) and Microsoft’s Kusto Query Language (KQL).
Familiarity with common enterprise scripting languages (PowerShell, Python, Bash, etc.).
Demonstrated knowledge of cloud platforms, with a specific focus on Microsoft Azure, including Azure WebApp, Azure functions, Azure OpenAI, APIM, Azure SQL Database, and Azure Blob Storage.
Database Management: Experience in designing, implementing, and managing both SQL and NoSQL databases, ensuring data integrity, security, and performance optimization.
Proven ability to develop and manage RESTful APIs, along with integrating third-party APIs, demonstrating expertise in creating scalable and maintainable service interfaces.
Experience in understanding and analyzing various log formats from various sources.
Familiarity with industry-standard processes defined for systems design, database design, development, testing, and integration phases of a project, including Agile-based implementations.
Experience working in Agile environments, participating in Agile ceremonies, and utilizing Agile methodologies for security operations and threat hunting.
