To help safeguard the organization’s computer network and systems by planning and carrying out industry standard security measures; Monitor and protect sensitive data and systems from infiltration and cyber-attacks by identifying security vulnerabilities. To analyze and execute proper security incident response protocols depending on the situation at hand.
Focus will be to Lead the effort to develop security standards, procedures, and guidelines for multiple platforms, applications and diverse systems environments as well as evaluating existing information security procedures and identifying new areas of risk. Conduct Security reviews. Conduct Vendor Security Risk Assessments to determine which vendors have access to confidential information and perform detailed assessment based on the risk. *Work-at-home - Applicant must have a reliable broadband Internet connection
- Monitors the organization’s network and systems for security breaches or intrusions; Responds to security alert notifications (I.e. Security Operations Center (SOC), AV/Endpoint Threat Protection, Email, Help Desk, etc.) as per incident response protocol.
- Routinely analyzes and compiles vulnerability report data of ARH network, systems, and devices; Reports and provides remediation recommendations to management.
- Reviews and analyzes VPN and External Connectivity log data for irregular behavior.
- Proactively researches and advises management of global cyber threats; Takes appropriate action to safeguard and protect ARH assets.
- Leads incident response activities to minimize the impact of security incidents and breaches; Reports forensic findings to management.
- Educates the workforce on information security through training and building awareness.
- Develops security standards and best practices for the organization and recommends security enhancements to management as needed; Creates, reviews, and updates security policies for the organization.
- Work experience in a relevant IT role working with cyber security concepts & tools
- Ability to work with stakeholders to assess potential risks.
- Ability to analyze existing security tools and provide software solution recommendations.
- Ability to translate business requirements into non-technical, lay terms.
- High-level written and verbal communication skills.
Minimum Work Experience
4+ years in a relevant IT role working with cyber security concepts & tools
Required Skills, Knowledge, and Abilities
- Direct experience with anti-virus software, intrusion detection, firewalls and content filtering
- Knowledge of risk assessment tools, technologies, and methods
- Experience designing secure networks, systems, and application architectures
- Knowledge of disaster recovery, computer forensic tools, technologies and methods
- Experience planning, researching and developing security policies, standards and procedures
- Professional experience in a system administration role supporting multiple platforms/applications and reviewing event viewer logs.
- Ability to communicate network security issues to peers and management
- Ability to read and use the results of malicious code and anti-virus software
- Application security and encryption technologies
- Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication