SUMMARY: Responsible for maintaining and supporting the security infrastructure and the internal clients who use the organization's systems or networks.
ESSENTIAL DUTIES AND RESPONSIBILITIES include the following: Other duties may be assigned.
- Respond to network intrusions, perform vulnerability testing, conduct forensic investigations and mount incident responses, along with testing new or upgraded hardware and software and implementing new technologies.
- Create test plans that allow for a proper evaluation of security issues in new hardware and software; identify security solutions and implement a multi-layered defense to protect the networks; configure and install firewalls and intrusion detection systems.
- Perform and/or direct penetration testing, vulnerability testing, risk analyses and security assessments, and develop automation scripts to handle and track incidents.
- Collaborate with colleagues on authentication, authorization and encryption solutions and evaluate new technologies and processes that enhance security capabilities.
- Test security solutions using industry standard analysis criteria and deliver technical reports and formal papers on test findings.
- Respond to information security issues during each stage of a project's lifecycle; supervise changes in software, hardware, facilities, telecommunications and user needs; and define, implement and maintain corporate security policies.
- Analyze and advise on new security technologies and program conformance and recommend modifications in legal, technical and regulatory areas that affect IT security.
- Own and deliver all facets of each domain within the assigned scope, meeting customer information security needs and providing concise technical output and advice to customers and other staff members in the form of documentation, templates and guidelines.
- Implement and support the following platforms and functions: McAfee Threat Intelligence Exchange, Endpoint Detection & Response, Data Loss Prevention, Network Security, Vulnerability Management, Risk Assessments, SOC Implementation, Policy Implementation, Firewall Rule Management, File Integrity Monitoring and Secure Web Gateway/Proxy, Scanning and Auditing, IT Operations, GRC, Compliance, IT audits, Cloud, and Software development, following NIST, ISO, ISF and other best practices and standards.
- Configure log aggregation, review logs for security events and install, configure, and manage network security software.
- Conduct internal and external security audits with IT team and monitor network activity to identify issues early and communicate them to IT teams.
- Act on security breaches and malware threats through email filtering, and monitor and respond to emerging threats and ongoing changes in best practices.
- Recommend data filtering and event alerts from data feeds to support system and network monitoring needs.
- Establish configurations that ensure event notifications are distributed to the proper management and support staff.
- Report in a timely manner to the Director of Cybersecurity, the Chief Information Officer and security management/technical personnel, both ad hoc and on a periodic basis.
- Develop written processes and procedures for help-desk personnel to use when remediating management or security agent issues, including customer-specific procedures as needed.
- Continuously identify and develop security and productivity-enhancing improvements through automation, better procedures, and other innovations.
- Continuously research and learn about additional endpoint security solutions that may not be currently in use but may be in the future, including endpoint encryption (full disk and removable media), desktop firewalls, mobile device management, etc.
- Document current business process flows and functional requirements for information systems.
- Develop project documentation and serve as a security expert and conduct user training sessions. Support the creation and development of security systems, policies, and designs.
KNOWLEDGE, SKILLS, AND ABILITIES
- Completion of a Bachelor's degree at an accredited four-year university or college.
- Ten years of related experience or training, and/or an equivalent combination of education and experience.
- Certified in one or more of the following: Certified Information Systems Security Professional (CISSP), Systems Security Certified Professionals (SSCP), CompTIA Security+.
- Proficiency with Fortigate firewalls, Cisco networking, security systems, and typical operating systems and relational databases (Microsoft Windows Server, Microsoft SQL, IIS, Oracle, HP-UX).
- Skill in designing countermeasures for identified security risks.
- Ability to apply network security architecture concepts including topology, protocols, components, and principles.
- Experience with Single Sign-On (SSO), identity federation and protocols, including RADIUS, MS AD (join-based), LDAP/OpenLDAP and SAML (including MS Azure-based SAML), and Visio.
- Familiarity with public key infrastructure (PKI) and cryptographic protocols (e.g. SSL/TLS), industry-standard data security practices as they pertain to data classification, and writing specifications and security models for large-scale data warehouses.
- Ability to read, analyze and interpret general business periodicals, professional journals, technical procedures or government regulations.
- Experience configuring and administering penetration testing tools (e.g., Nessus, Tenable, Wireshark) and Windows Active Directory (AD).
- Knowledge of all aspects of SD-WAN and WAPs across all sites, Zero Trust and privilege management, IAM and MFA, EDR and AV platforms, email security (DKIM, DMARC, AV, phishing), MDM, DLP, encryption (data protection), PKI, SIEM, secrets management, security frameworks (e.g. NIST 800-53, NIST 800-171, ISO 27001, CMMC, etc.) and risk management methodologies.
- Awareness of and experience with a wide range of security tools, plus organizational and project management skills.
- Team player able to lead a small project team when required and also work independently.
- Experience with network-based security solutions (IPS/IDS, NG firewalls, behavioral analytics, malware forensics, etc.); host-based security solutions (HIDS, Data Loss Prevention (DLP)); security for system and DB platforms, on-premises and cloud (Linux, Windows, Oracle, DB/2, SQL); and monitoring and analytics (SIEM implementation and optimization).
- Knowledge of virtual machine encryption technologies, identity and access management principles and Advanced Persistent Threats (APT), phishing and social engineering, network access controllers.
- Research, evaluate, and stay current on emerging tools, techniques, and technologies.
- Exceptional incident-response skills, a strong understanding of computer forensics, and the ability to assess current workflows to anticipate possible future issues.
QUALIFICATIONS To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed above are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
PHYSICAL DEMANDS The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit, stand, talk, hear, walk, and use hands to finger, handle, or feel objects, tools, and controls, and reach with arms and hands. The employee may be required to occasionally lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds.
WORK ENVIRONMENT The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee regularly works near moving mechanical parts and is occasionally exposed to fumes or airborne particles. The noise level in the work environment is usually moderate and travel is limited to less than 25%.
[Equal Opportunity Employer – Disability/Vet]
ITAR COMPLIANCE This position requires access to or use of information which is subject to the federal International Traffic in Arms Regulations (ITAR). All applicants for this position must be U.S. Persons within the meaning of ITAR. ITAR defines “U.S. Person” as U.S. citizen, lawful permanent resident of the U.S., person admitted as a refugee to the U.S., person granted asylum in the U.S., or person granted the status of alien lawfully admitted for temporary residence to the U.S. under 8 U.S.C. §1160(a) (for special agricultural workers) or 8 U.S.C. §1255(a)(1) (an amnesty program).