Consults on a junior level and provides professional support for the senior IS engineer or IS manager for major components of the company's information security program Responsible for supporting the technical analysis, design consulting and product review of security components. Assists in identifying new tools and techniques. Evaluates and assesses existing technical issues by researching and identifying innovative solutions to broad and complex information security challenges. Candidate is responsible for supporting the IS engineer or IS manager for projects to completion, consulting with various corporate teams, both within the IT and business environments to define information security solutions.
Job Duties and Responsibilities:
- Provides support to the development and implementation of security architecture, standards, procedures and guidelines for multiple platforms in diverse system environments. Ensures that security concerns are addressed and mitigated and that are appropriate standards are defined and published.
- Supports the evaluation, testing and implementation of emerging technologies, information systems security issues.
- Performs security assessments and review networking initiatives for security compliance. Prepare status reports and "informational" metrics on security matters; develop security risk analysis scenarios and response procedures.
- Serves as a resource regarding the security of data networks and centralized data frameworks, to include coordinating activities with the business unit, users and external networks.
- Provides input into the design, implementation, and maintenance of the information security architecture. Analyzes, reviews, and determines the technical requirements necessary to mitigate the security risk for Information Technology needs, plans, and initiatives.
- Implements and maintains required security tools. Investigates information security violations; monitor and communicate technical vulnerabilities.
- Recognizes and identifies potential areas where existing security policies and procedures require change, or where new ones need to be developed. Conducts risk assessments and security briefings; advise management of critical issues.
- Evaluates products and/or procedures to enhance productivity and effectiveness. Provides direct support to the company and IT staff for security related issues. Coordinates security awareness programs and provide education on security policies and practices. Provides consultations on security issues regarding new and existing systems.
- Monitors IT assets for security requirements to include procedures, software, and integrity.
- Serve in the on-call rotation that ensures 24x7 coverage of the corporate security infrastructure and network environments, assuming responsibility for resolving or escalating any network issues that arise during own on-call period
- Works to build and maintain a security sensitive mindset within the company culture.
- Supports major projects and initiatives with a management oversight
- Each team member is expected to be aware of risk within their functional area. This includes observing all policies, procedures, laws, regulations and risk limits specific to their role. Additionally, they should raise and report known or suspected violations to the appropriate Company authority in a timely fashion.
- Performs other related duties as required.
Minimum RequirementsPreferred Knowledge, Skills, & Abilities:
- Certified Information Systems Security Professional (CISSP), Microsoft Certified Systems Engineer (MCSE), and/or Certified Network Engineer (CNE)
Additional Information Minimum Education: Bachelor's Degree in Information Technology, Business Administration, or related field.
Minimum Experience: 6 years of information security experience to include a background in a multiple information security technologies (e.g. intrusion detection, penetration testing, identity and access management).
Required Knowledge, Skills, & Abilities:
- Knowledge of various information security concepts and technologies such as identity management, network security, risk assessment, application security, platform security, security monitoring.
- Basic knowledge of industry standard information security practices and processes.
- Good oral and written communications skills with the ability to communicate to technical and non-technical audiences.
- Strong analytical and problem-solving skills.
- Strong team-oriented interpersonal and communication skills.
- Ability to solve problems independently, quickly, and completely and to communicate them clearly to management.
- Ability to adapt to rapidly changing technology and apply it to business needs.
- Ability to assist with network and application troubleshooting; provide technical consulting support.