Under the general direction of the CIO, the Information Security Specialist is responsible for the administration and improvement of the information security program for the company. The purpose of this program is to assure that information created, acquired or maintained by the company and its authorized users is used in accordance with its intent and purpose; to protect company information and its infrastructure from external or internal threats; and to assure that the company complies with statutory and regulatory requirements regarding information access, security and privacy.
Responsibilities
- Balance security needs with the organization’s strategic business plan, identify risk factors, and determine solutions
- Define and administer security configuration settings and standards for corporate business platforms and technologies
- Administer security-related systems and technologies including network routers, firewalls, badge access systems, and client endpoint protection solutions such as anti-virus and encryption
- Review network vulnerability and penetration test results, and remediate related issues
- Perform technical risk assessments of information systems and infrastructure
- Develop appropriate risk treatment and mitigation options to address security risks identified during security review or audit
- Assist with the development of information security policies, standards and procedures
- Ensure company policies support compliance with external requirements
- Act as the organization’s representative when dealing with law enforcement agencies while pursuing the sources of security breaches
- Oversee the selection, testing, deployment, and maintenance of security hardware and software products as well as outsourced arrangements
- Keep abreast of latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities pertaining to the company and its mission
Qualifications
Required
- Bachelor’s degree with 4 years of experience in information security, information technology, or a combination of education, experience, and superior performance
- Comprehensive knowledge of IT security technologies, techniques, and best practices that cover all levels of IT architecture
- Excellent project management skills
- Ability to work with a broad range of constituencies
Preferred
- Experience developing and administering an information security program
- Hold or be actively pursuing related professional certifications such as CISSP, CISM, CISA, or CompTIA Security+