JOB SUMMARY

Manage the development, maintenance, and implementation of information security and control policies, procedures, and standards. Participate in new system development and implementations to ensure development efforts follow appropriate guidelines and controls are adequately incorporated into the systems. Manage risk assessments of systems, applications and networks to identify control weaknesses and ensure the effectiveness of internal controls in reducing information systems control. Coordinate security relationships involving architectures, incident response, and business continuity. Provide guidance and oversight to more junior analysts.

ESSENTIAL FUNCTIONS OF THE ROLE

Incident response of the enterprise network systems to include: Identifying security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives. Provides technical support in the development, testing and operation of firewalls, intrusion detection systems, and enterprise anti-virus and software deployment tools.

Identify relevant operational and strategic issues in information systems security; monitor current reports of new vulnerabilities and exploits to determine potential exposure of data and systems, and identify and test those systems. Determine and develop policy, procedures and practices; monitor audit and compliance efforts; provide education, training and communications.

Conducts complex security architecture analysis to evaluate and mitigate issues. Develop policies and procedures for securing the system infrastructure and applications. Responsible for configuration changes in network security appliances and systems, as well as endpoint security applications; evaluate previous alerts and reports to fine-tune security system rules to ensure the most accurate results possible.

Facilitate remediation of infected or compromised hosts: Serve as an escalation point during security incidents for other departments and coworkers and assist in remediating compromised endpoints through established procedures, when required. Perform a full analysis of a compromise, when necessary, to determine if further action is required to maintain the security of the enterprise network.

Prepare incident response reports including root cause analysis to document activities and outcomes; provide follow-up monitoring of compromised systems to verify compromise has been addressed.

Performs highly complex product evaluations, recommends and implements products/services for network security. Validates and tests complex security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologies.

Ensure that incident response activities meet best practices, federal regulations, and ongoing HIPAA Compliance activity.

Serve as a mentor for Security Analysts: Serve as a go-to member and subject matter expert (SME) for other analysts on the team, assisting and educating whenever possible, but always in a professional, respectful, patient, and helpful manner

Performs other position appropriate duties as required in a competent, professional and courteous manner.

KEY SUCCESS FACTORS

In depth knowledge of Windows, Mac, and/or Linux Operating Systems.

In depth knowledge of Anti-virus software and/or other endpoint security tools and utilities.

Knowledge of and implementation experience with some or all of the following security technologies and architecture: encryption, network security, firewall configuration, intrusion detection, or application security.

Knowledge of network protocols.

Strong analytical skills with sound and logical problem-solving capabilities and experience.

Strong written and verbal communication skills.

Demonstrated ability to effectively explain complex concepts to others.

Demonstrated ability to teach coworkers advanced skills, tools, and techniques.

Self-motivated to identify and resolve issues as well as develop reports for management.

Strong communication and interpersonal skills with all levels of internal staff and external entities.

Ability to work on a variety of projects simultaneously.

Demonstrates customer-oriented service excellence principals.

Desire to increase knowledge in security related fields.

At least three years IT experience with at least two being in a security-related role required, 5+ years experience strongly desired.

Experience conducting and mitigating security/risk assessments, preferred.

GIAC or (ISC)2 Certifications are a plus.

BENEFITS

Our competitive benefits package includes the following
- Immediate eligibility for health and welfare benefits
- 401(k) savings plan with dollar-for-dollar match up to 5%
- Tuition Reimbursement
- PTO accrual beginning Day 1
Note: Benefits may vary based upon position type and/or level

QUALIFICATIONS

- EDUCATION - Bachelor's or 4 years of work experience above the minimum qualification

- EXPERIENCE - 3 Years of Experience

Return to Search Results