Job Description Summary: Manage, design, implement, monitor, and document systems designed to safeguard the enterprise computing environment(s) against unauthorized or unintentional access and destruction of assets or violations of defined policies. Responsible for network and system security controls design, review, and consultation in all areas of the organization. Responsible for conducting security risk assessments and reporting results, including recommendations for corrective actions.
*Note: This position is required to be on call 24x7
Tasks & Responsibilities:
• Provide technical guidance for different security related technology projects, e- business initiatives and enterprise application portfolio.
• Oversee effectiveness of third party event monitoring and incident response capabilities.
• Identify technical implementation risks associated with vendor applications, infrastructure products, and legacy system initiatives; and analyze potential security exposures and impact to existing software and infrastructure design.
• Serve as WG’s technical security advisor to third party service provider resources engaged in the operational management of system configurations, upgrades, and security tuning and project support.
• Provide solutions/recommendations to minimize the risk of implementation of recommended products, applications and infrastructure.
• Direct required changes to service provider managed security infrastructure.
• Investigate latest security related vulnerabilities and advises team regarding the best approach to ensure infrastructure security posture is in intact.
• Lead changes to attack recognition and response systems (through the use of intrusion detection and monitoring systems) to ensure the organizational network systems are safe from intrusion.
• Identify the strategic direction of security vendor products and offerings related to security technologies, and recommend new approaches to support business needs.
• Develop and maintain security policies regarding communications systems, network systems, and data security.
• Review contracts related to information security for all new projects implementing any technology involving external service providers, IT resources and other WG business units.
• Manage engagement with multiple ITS service providers regarding security system updates, products, and maintenance agreements.
• Serve as ITS liaison to risk management and audit organizations to identify, document and resolve corporate risks.
• Investigate and advises on security related product fixes, patches, upgrades and new installations are analyzed appropriately, planned for and implemented correctly.
• Lead planning sessions focused on strategic planning of logical security
Skills & Abilities:
• HS diploma required
• Bachelor’s degree in computer science, information security, network security, or related field strongly preferred
• Minimum of 7 years experience working in an IT security/compliance environment
• CISSP or CISM certification required.
• Specific knowledge supporting Active Directory services including rights and permission management, identity federation and related standards and protocols
• Must currently have or able to obtain DoD Secret clearance
• Extensive knowledge of computer security systems and troubleshooting techniques
• Experience with deploying and configuring computer anti-virus systems, threat detection and monitoring systems, access control/governance tools, secure communications, and internet/intranet security best practices
• Experience in working with virtualized infrastructures, including VMWare, Hyper-V, or Citrix
• Hands on experience with deploying and managing enterprise-class firewalls and related security tools
• Formal training in principles of safety and best practices
• Operations experience with secure e-business architecture and encryption techniques
• Ability to proficiently operate computer software and hardware for data manipulation, analysis and presentation purposes
• Ability to establish rapport and effective working relationships with team members and business partners
• Ability to logically analyze and solve narrowly defined business problems
• Ability to listen and orally communicate ideas and information effectively
WGL policy prohibits employee and applicant discrimination and harassment. Specifically, our objective is to recruit, hire, train and promote the most qualified persons without regard to race, ethnicity, religion, gender, age, national origin, marital status, sexual orientation, gender identity, family responsibilities, matriculation, physical or mental disabilities, political affiliation, or status as a protected veteran.
Auto req ID 1241BR