Provide technical expertise and protection of assets by reviewing, analyzing, and implementing security controls, functions, toolsets, and processes to allow for a secure, robust, and reliable environment.
DUTIES AND RESPONSIBILITIES
- Participates in small to large strategic infrastructure and application development projects to assess risk and implement appropriate security protections and controls. Evaluates the implementation of new systems and/or network connections against overall risk, security best practices, and corporate standards.
- Participates in product selections, implementations, upgrades, and ongoing support and maintenance of Security Operations toolsets used to identify, protect, detect, respond, and recover.
- Administers security controls and software such as antivirus, anti-spam, intrusion detection/prevention (IDS/IPS), security incident and event management (SIEM), PKI, firewall, web proxy, identity management, and endpoint detect and respond (EDR).
- Analyzes cybersecurity event data and information sources for attack indicators and works to provide detections, corrections, and the implementation of countermeasures to ensure protection of enterprise assets.
- Responds to, investigates, and analyzes events to determine actions to be taken, including ensuring the proper protections or corrective actions.
- Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risk. Communicates security risks and solutions to business and IT staff as needed.
- Contributes to the development and maintenance of information security strategy and architecture.
- Improves security efficiency and streamlines/automates work processes while working collaboratively with other team members and IT staff to accomplish objectives.
- Researches, designs, and advocates new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors.
- Analyzes, designs, and implements corporate and departmental security processes and controls that are efficient and effective. Provides input for updating and/or creating corporate policies and procedures and defining and scoping Security-sponsored projects.
- Participates in security risk assessments.
Education and Experience
- Bachelor's degree or Associate's degree with equivalent experience.
- Five to ten years of experience in a security field and experience with current industry security best practices within the last three years.
- Experience in the threat intelligence community.
- Industry certifications or training in cybersecurity incident management such as Certified Information Systems Security Professional (CISSP), Security+, etc.
Knowledge and Skills
- Knowledge of and experience with multiple technologies such as SIEM, patch and vulnerability management, EDR, identity management, PKI, firewalls, web proxies, antivirus and anti-spam solutions, etc.
- Knowledge of additional network infrastructure components including routers, switches, and associated network protocols and concepts.
- Advanced working knowledge of threat analysis, threat mitigation strategies, and security best practices.
- Ability to advise and influence IT system architects, technical project teams, and the business relative to controls necessary to mitigate risk while aligning with corporate standards.
- Demonstrated ability to learn new technologies with minimal support and guidance.
- Independent thinker; must be able to prioritize work and plan future activities.
- Working knowledge of NERC CIP and security associated with ICS systems a plus.
- Strong analytical and problem-solving skills to enable effective security incident and problem resolution.
- Advanced skills in analyzing data, recognizing unanswered questions, and seeking out answers until a thorough understanding of security risk operational needs and/or limitations is reached.
- Advanced ability to interact, communicate, document, and consult with various levels of management throughout the organization including the Security team, other Information Technology staff, and business units.
- In-depth technical knowledge in implementing data protection and integrity, operating systems and network security, authentication, and security protocols.
- Able to work within both documented and undocumented processes and to improve those processes.
- Strong written and oral communication skills with the ability to interact effectively at all levels of responsibility and authority.