Serves as the subject matter expert supporting multiple disciplines of information security including security architecture, standards, solutions design and implementation; handles development of standards/procedures in compliance with policies, state and federal regulation, and security best practices; manages the secure operation of the company’s computer systems, firewalls, servers, and network connections; provides security solutions to internal customer and constituents; partners with project teams to ensure that security is designed in to all technology initiatives; recognizes areas of improvement within the environment, and balances those initiatives with organizational goals.
Principal Duties & Responsibilities
Takes a lead role in mapping security standards to technical solutions in support of business needs.
Works with project teams, architects, and constituents to design and implement security solutions in support of corporate information security policy, regulatory requirements, and security best practices.
Works as part of the development team to maintain the security and regulatory compliance of systems architected, built, installed and used by the company.
Researches, analyzes, and recommends the implementation of software or hardware changes to rectify any infrastructure security deficiencies or to enhance security performance.
Conducts research on emerging products, services, protocols, and standards in support of security enhancement and development efforts; tests new security software and/or technologies.
Provides ongoing engineering support for security systems including firewalls, virus protection systems, Web filters, computer forensic systems and network, and host-based intrusion detection and prevention systems
Creates audits, and reports the enforcement of policies, procedures and associated plans for system security administration, and user-system access as defined by company standards.
Contributes to the design and implementation of the disaster recovery plans for security of the company’s computer systems, databases, networks, servers, and software applications
Develops technical security standards in support of information security policies and principles
Ensures that planned testing activities are performed and technical criteria are met
Plans and monitors the installation of distributed infrastructure systems
Performs other related duties as required.
Education & Experience
Bachelor's Degree in computer science or information systems with five to six years related work experience or an equivalent combination of education and experience.
Advanced knowledge of multiple security technologies (firewalls, IPS, DLP, antimalware, proxies, WAF, etc.) is required.
CISSP or other information security related certifications within a given field are preferred (i.e., Microsoft Windows, Cisco, TCP/IP, etc. is preferred.
Job Knowledge & Skills
Schematic Architecture Design
Data Access and User Administration
Development Requirements Definition
Security Risk Management
Server Hardware + O/S Management
Systems Security and User Administration
Systems Security Maintenance
Systems Security Policies and Procedures
Systems Security Testing and Auditing
Information Security Technology
Action Oriented, Customer Focus, Adaptability, Listening, Ethics and Values, Integrity and Trust
Business Acumen, Functional/Technical Skills, Learning on the Fly, Interpersonal Savvy, Planning, Problem Solving, Time Management