Identify, isolate, and resolve potential information security issues to enhance system performance and reliability. Develop and implement technical tools, processes and checklists to improve information security effectiveness. Research and advise staff on information security issues and trends: provide support in determining applicable information security controls. Perform remediation action including, but not limited to information security investigations based on critical alerts, security bulletins and/or high confidence security threat intelligence Support IT risk management processes. Apply a proactive threat-hunting approach to daily security operations.
Bachelor’s degree in information technology or related discipline.
Bachelor’s degree or higher in information system security, network security, or related discipline.
3-5 years of relevant information security experience, or equivalent combination of education and experience. Must include at least 1 year of direct experience with the evaluation and compliance of IT systems.
Firewall and Secure Email Gateway monitoring. Assisting users in distress. Quarantining users.3+ years relevant professional experience with the evaluation and compliance of IT systems for the assessment of vulnerabilities and providing appropriate information security countermeasures to ensure implemented information security architectures comply with enterprise-level security architecture standards, including information security programs, protocols, and maintenance of existing systems. Experience with Network and system diagnostic tools and maintenance.
Required Skills, Knowledge and Abilities:
Demonstrated understanding of IT security principles, concepts, policy and regulations. Demonstrated ability to effectively document security controls. Excellent project management, planning, and analytical skills. Ability to maintain adequate confidentiality, integrity and availability of information. Ability to communicate technical information effectively to a non-technical audience. Experience in security incident management and investigation.
Preferred Skills, Knowledge and Abilities:
Completion or progress toward Certified Information Systems Security Professional (CISSP) certification and/or other recognized industry certification(s) (i.e., CompTIA, CRISC, CISM, OSCE, CEH, etc.). Knowledge of enterprise infrastructure and application monitoring tools from vendors such as Microsoft, IBM, HP, Splunk, ServiceNow, etc. Experience with one or more of the following standards: ISO 2700*, NIST 800-37/53/171 and the ITIL Framework.
EOE/AA/Minorities/Females/Vet/Disabled/Sexual Orientation/Gender Identity