IT Security Program Development/Integration
- Assist in research and testing of new technologies from a security perspective as required and as driven by the business or regulatory needs.
- Measure and report system security posture through the ongoing development and refinement of security metrics.
Consulting Services
- Work directly with TDS Telecom Information Technology (IT), Network Services (NS), Network Operations (NO) and TDS Corporate to ensure that TDS Telecom's technical infrastructure is adequately secured.
- Assist with security assessments of businesses acquired by TDS Telecom.
- Implement firewall and VPN policies. Deploy firewalls and VPNs using recommended implementation designs.
- Assist in the deployment and operation of security controls including, but not limited to: intrusion detection, content filtering, configuration management and vulnerability management controls.
- Perform troubleshooting and network traffic analysis to diagnose and resolve problems.
- Monitor systems and devices for compliance with security and regulatory requirements, evaluate activity logs and document actions taken to investigate and resolve any identified issues.
- Assist with root cause analysis, expert problem resolution and debrief activities, including executive communications as required.
Security Investigations and Special Requests
- Work on behalf of Human Resources to collect information (e.g., e-mails, Internet activity) and investigate information security violations.
- Perform systems and network forensic investigations as needed.
- Follow established forensic principles for evidence seizure, computer forensic analysis and data recovery. Gather and analyze data in a manner as free from distortion or bias as possible to reconstruct data or what has happened in the past on company systems.
Maintain Industry Currency, Relevance and Knowledge
- Maintain knowledge of vendor products, services and security technologies and recommend/implement their use.
- Attend relevant IT security-related conferences to network with other industry personnel and maintain certification accreditation.
- Attend relevant IT security-related training to enhance skills, increase security solution capability awareness and maintain certification accreditation.
- Bachelor's degree (or higher) –OR– 4+ years of professional work experience.
- 4+ years of IT-related work experience.
- 2+ years of IT security-related work experience.
- Strong preference for candidates with one of the following certifications: ISC² SSCP, CompTIA Security+ or SANS GIAC or one of the following advanced certifications from ISC²: CISA, CISM, CIPP or CISSP.
- Proficient with security principles such as encryption, hashing, PKI and the AAA framework.
- Familiarity with one or more programming languages in the use of simple scripting or application development including: UNIX shell, Perl, Python or Ruby.
- Familiarity with the security concepts for log analysis, monitoring and system and network auditing.
- Experience with performing security investigations and electronic forensic analysis.
- Experience with firewall principles and best practices.
- Experience with one of the following firewall platforms (Cisco ASA, Juniper ScreenOS and SRX, Fortinet and Palo Alto Networks). Experience with Anti-DDoS security devices a plus.
- Familiarity with remote access solutions including solutions for mobile devices.
- Familiarity with IPSec and SSL VPN implementations from Cisco, Juniper ScreenOS and SRX, Fortinet or Palo Alto Networks technologies.
- Familiarity with network hardware including routers, switches and wireless APs.
- Familiarity with network technologies and IP protocols (e.g., VLAN, MPLS, TCP, UDP, ICMP, SA, multicast & unicast). Proficient with the OSI 7-layer network model.
- Familiarity with IPv4 protocol fundamentals including layer 2 resolution, addressing and subnetting. Familiarity with P1/P2 data flows. Rudimentary familiarity with IPv6 protocol fundamentals.
- Experience with Internet networking protocols (e.g., DNS, NTP, SMTP, FTP, etc.) and experience doing analysis of raw data captures with Wireshark.
- Rudimentary familiarity with VoIP signaling and media protocols.
- Experience with 2 or more families of server OSes including Windows, Linux or UNIX. Experience with 2 or more desktop OSes including: Windows, Apple macOS or popular Linux distributions.
- Familiarity with monitoring and administration of network and host-based intrusion detection and prevention systems such as OSSEC, Tripwire or Verisys.
- Familiarity with network security assessment tools such as masscan, nmap, zmap, Canvas, Core Impact, Metasploit, Lynis, hping, scapy and tcpreplay.
- Familiarity with open source network security intrusion detection tools (e.g., Snort, Bro, Suricata).
- Familiarity with the hardening, monitoring and deployment of systems to DMZ and multi-zoned IP networks.
- Ability to work and lead in a fast-paced and changing environment and to prioritize multiple tasks and organize time with a strong attention to detail.
- Perform tasks outside normally scheduled business hours to complete project work, provide on-call support and/or implement scheduled changes as needed.
- Excellent written, presentation, and verbal communication skills.
- Strong human relations skills to interface with managers and staff at all levels within the organization and an understanding of the business needs that drive the company forward. Ability to engage and partner with vendors and in-sourced providers.