They will monitor alerts, triage potential events and escalate to senior personal for in-depth investigations. They will contribute to any security discussions and act in a consulting role to projects that require security input or assistance.
- Acts as a technical consultant for the enterprise, ensuring security processes for systems align with business needs, architecture and technical standards.
- Reviews reported incidents and potential phishing for malicious activity. Initiating incident response as necessary and responding to reporting users should the report be a false positive.
- Review and analyze network traffic for potential malicious or abnormal activity. Work with network team to resolve and potential security issues.
- Work with the Senior Security Architect to review it assets and network for potential new vulnerabilities or threats that have arisen.
- Provides security guidance and training to IT associates, business information owners and business management.
- Assists in the development and maintenance of information security policies, standards, and procedures; and assist in resolving security policy issues and implementing security procedures.
- Works closely with the Senior Security Architects to ensure security solution consistency with the enterprise architecture and strategy. This includes the review of detailed specifications for security systems and he associated design, scalability, completeness, quality and performance.
- Proactively reviews and analyzes new or proposed security systems, tools and methodologies, assessing their risk and their value in support of security strategy and corporate goals.
- Monitor and maintain security tools that control and monitor information security,
- Recommends and advise on security controls to support the data security needs of systems being developed or acquired.
- Monitor, investigate, and report on security events and incidents.
- Stays up-to-date on relevant security trends. Develops and maintains a network of contacts that can provide information.
- Assists with the development, documentation, implementation, and communication of an enterprise-wide information security strategy and policies.
- Assists with the development, implementation, and management of security controls, processes, and policies as a result of analysis, research, and recommendations.
- On an ongoing basis, conducts security assessments and audits of IT's application and infrastructure portfolio to identify determine issues, weaknesses and gaps in processes and technology.
- Works with all company business units, legal, and internal/external audit.
- Advises on security training and awareness
- Bachelor's degree from four-year college or university in computer science or related technical field; plus three years of work as a security analyst, engineer or incident responder; or equivalent combination of additional education after four-year degree and experience.
- Demonstrated track record of providing strong competent technical contribution on multiple security projects.
- Security+, CISSP, SANS GIAC certification or equivalent Information Security certification.
Expert Knowledge/Experience areas:
- Expert level technically, supplying superior security consultation to provide and support software applications, systems, and infrastructure solutions that meet business needs.
- Broad expertise in the security field's concepts, practices and procedures, as well as substantial business knowledge.
- Strong analytical and problem-solving skills.
- Ability to effectively adapt to rapidly changing technology and apply it to business needs.
- Strong knowledge and understanding of business needs.
- Solid project management skills, especially in a cross-functional environment.
- Strong team-oriented interpersonal and communication skills; ability to present and discuss technical information in a way that establishes rapport, persuades others, and gains understanding.
- Ability to effectively interface with a wide variety of audiences, up to executive management.
- Hands-on information security experience with security architecture, network security, and/or computing platform security to include application security, vulnerability scanning, data loss prevention, log management/SEIM, web filtering, use of firewalls access control lists, and Computer and Network Forensics.
- Information Security Frameworks and Standards (ISO, COBIT, NIST, etc.).
- IT Security Risk and Compliance and malware prevention and detection.
- Encryption (SSL, PKI, file and session encryption), intrusion detection and/or intrusion prevention.
To perform this job successfully, an individual must be able to perform each essential function satisfactorily. The requirements listed above are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions.
CERTIFICATES, LICENSES AND REGISTRATIONS
CISSP required, or SANS 5XX level certification required or must be obtained within 12 months of hire.
For more information on this job: https://rekruiters.com/jobs/
Rekruiters has been named by business journals as one of the best places to work.
For all of our consultants, we offer benefits such as weekly pay, health insurance, 401k and even profit sharing to our consultants.
https://www.rekruiters.com – Main Site
@rekruiters.com – Twitter
https://www.facebook.com/rekruiters/ – Facebook