Tracking Code 219474-021
Job Description
This position interacts closely with Information Technology and business units as a representative of the Information Security team by providing 2nd tier support in a Security Operation Center environment and aids in the design and implementation of security technologies. The position requires strong in-depth technical knowledge in security engineering, computer and network security, as well as strong authentication and security protocols. Responsible for 24x7 availability of all security devices within the enterprise; works in a rotational on-call schedule.
Ensures network communications and hosts across the enterprise adhere to security policies and standards.
Configures and monitors security products such as firewalls, IDS/IPS, vulnerability scanning, security event management and proxy server software. Implement, manage, and maintain network firewalls, intrusion prevention systems, messaging security gateways, and Internet security proxies. Manage endpoint security platforms, including Host Intrusion Prevention and Anti-virus.
Performs analysis of network and host security needs and contributes to the design, integration, and installation of hardware and software.
Proactively assess potential items of risk and opportunities of vulnerability in the environment.
Collaborates with Network and Server Operations Support to help maintain and upgrade networks and hosts to keep the environment secure.
Assists in the support of security technologies such as user access, Internet filtering, e-mail security, antivirus, data loss protection, document management, forensics, vulnerability assessments, collaboration technologies and mobile platforms.
Communicates and interacts effectively with all levels of the enterprise and partners with the business on providing technical security solutions across organizational lines. Work collaboratively with other Information Security and other technology and business team members.
Assists in creating, maintaining, and updating platform documentation and standard operating procedures. Design and implement information security controls in different applications and business processes as required by the business or various regulations or standards.
Defend the information enterprise in accordance with established policies, procedures, guidelines, and good practices. Evaluate and develop solutions to address the protection of information assets.
Identify and remediate issues that impact the security of the information enterprise.
Synthesize information generated from logs, SIEM, and other sources to effectively respond to emerging threats. Architect, develop, deploy and support information security systems and solutions such as key management, Tripwire, password vaulting, SIEM, anti-malware, central AV, etc.
Apply an understanding of advanced security protocols and standards in practice.
Actively participate in information security reviews and audits.
Monitor security systems, respond to events and alerts.
Bachelor's degree from a four-year college or university in Information Systems or a related field
8 years' experience in a security role in an enterprise or service provider environment
Professional security certifications such as CISSP, SSCP, GCED, GCFW, GIAC, GSEC, GSNA, Websense Certified WSGA Professional, CCSP (Cisco Certified Security Professional)
The duties listed are representative of the job; however, it in no way states or implies that these are the only duties a person may be required to perform. The omission of specific statements of duties does not exclude them from the position if the work is similar, related or is an essential function of the position.
We are proud to be an EEO/AA employer/Veteran/Disabled. We maintain a drug-free workplace and perform pre-employment substance abuse testing.