Senior Information Security Specialist
8 - 10 years experience • Professional, Scientific & Technical Services
Selective is seeking a dynamic Security Specialist who will work closely with ITS teams and business units to identify and specify the security requirements, standards, and controls for diverse development platforms, computing environments (e.g., host based, distributed systems, client server), software, hardware, technologies and tools, etc. Provides highly technical consulting and leadership in identifying and implementing new uses of securitytechnologies and processes that assist and support the functional business units in meeting their strategic objectives. Acts as expert technical resource in multiple information security disciplines to development staff in all phases of the development and implementation process. Serves as point of escalation for third tier support and provides expertise across a range of information securitytechnologies within their area of responsibility. Analyzes securityrisks within area of responsibility, establishes appropriate metrics to be monitored and associated thresholds for escalation. All job duties and responsibilities must be carried out in compliance with applicable legal and regulatory requirements.
- Responsible for the planning, design, and management of information security systems.
- Independently reviews, assesses, and proposes security software, processes, and services to ITS Management based on their application to business processes and systems, as appropriate.
- Recognizes and identify potential areas where existing data security policies and procedures, and controls require change, or where new ones need to be developed, especially regarding future business expansion.
- Maintains contact with the market regarding security solutions, technologies, and services as necessary to maintain current knowledge of available capability and threats.
- Informs management of critical issues that may affect clients and completes status and statistical reports in assigned area as required.
- Works closely with legal and audit departments to establish compliance with policy and regulatory requirements.
- Provides planning and technical support on security topics to enterprise projects.
- Manages and executes upgrades to existing systems and communicates and coordinates change with impacted departments.
- Develop and operate appropriate logging and monitoring systems to ensure effectiveness of security systems, procedures, and controls.
- Capable of assessing proposed changes to Internet and Intranet security elements and evaluating their technical accuracy and risk to the organization. Presents assessments to the Manager of ITS Security as appropriate.
- Expert level knowledge of current security control technologies and procedures for a large scale database and data communication environment.
- Ability to understand and clearly explain general methods of information security to other members of the organization.
- Ability to express complex technical security control concepts passionately and effectively (verbally and written).
- Ability to work well with people from different disciplines with varying degrees of technical experience.
- Ability to communicate effectively when dealing with external customers and suppliers.
- College degree in Information Security, Computer Science or related field preferred.
7+ years experience in Information Security or related fields of work
- Ability to express complex technical concepts effectively, both verbally and in writing.
- Ability to work well with people from many different disciplines with varying degrees of technical experience.
- Security specific certifications such as CISSP, GIAC, or equivalent designation highly preferred.
Job ID 5589