This role requires a broad skillset within the security field including technical and analytical skills. The role will report to the Director of Information Security. This position will require a mix of soft skills (internal consulting, security subject matter expertise and security vendor management) as well as technical skills requiring hands on security tool configuration and administration. This position will be responsible for managing inputs and outputs from our MSSP (Managed Security Services Provider). QUALIFICATIONS
- 5-8 years' experience in Information Security and/or Network Security
- Have an understanding and working knowledge of regulatory requirements such as PCI, SOX
- Familiarity with ISO and NIST standards for security.
- Excellent written and verbal communication skills. Ability to explain technical concepts to technical or non-technical personnel
- Experience with network security, Firewalls, VPN's, and networking (Cisco, Palo Alto etc.)
- Experience with internal project consulting and providing security requirements and recommendations (including architecture) for secure project implementations
- Experience with threat and vulnerability management
- Experience with security issue/incident investigations and incident response including reviewing logs and system events.
- Experience in reviewing and approving firewall rules (but not responsible for implementing or managing firewalls)
- Must be able to work independently with minimal supervision
- One or more Security Certifications such as : CISSP, CEH, CISA, CISM, GIAC, CRISC
- Ability to work a flexible schedule based on department and company needs
- Ability to be on call rotation 24x7
- Experience working with Managed Security Service Provider
- Prior hands on experience with firewalls, routers, switches
- Prior hands on experience with IDS/IPS and a variety of security tools and applications
This job description is not intended to be an exhaustive list of all duties or responsibilities associated with the job. Other job-related duties may be assigned.