This position will be responsible for the secure operation of the in-house computer systems, servers, and network connections. The successful candidate must be a technical subject matter expert who works with various teams to analyze and identify technical requirements.
- Monitor logs for unusual or suspicious activity. Interpret activity and make recommendations for resolution. Logs include servers, workstations, firewalls, intrusion detection systems, 2-factor authentication systems, web application firewalls, data loss prevention systems, file integrity monitoring systems, anti-virus/malware systems, and security incident and event management (SIEM) systems.
- Participate in investigations into problematic activity.
- Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (e.g., security tools) or not (e.g., workstations, servers, network devices).
- Deploy, manage, and maintain all security systems and their corresponding or associated software.
- Design, perform, and/or oversee penetration testing of all systems in order to identify system vulnerabilities.
- Participate in the planning and design of enterprise security architecture.
- Recommend, schedule, and apply fixes, security patches, disaster recovery procedures, and any other measures required in the event of a security breach.
- Administer and maintain end user accounts, permissions, and access rights.
- Participate in the governance process to influence projects to adhere to SSAE 16 and PCI DSS requirements.
- Deliver “hands-on” security architecture expertise in information security disciplines in support of the environment.
- Evaluate new and emerging security technologies for potential suitability in the company’s environment.
- Bachelor’s Degree or equivalent work experience.
- Minimum of 4 years of experience in information security and engineering.
- 4+ years of expertise in and knowledge of monitoring, designing, and implementing enterprise security solutions.
- Certification in one or more IT Security disciplines is preferred. CISSP or CISM is preferred.
- Experience with firewalls, intrusion detection systems, 2-factor authentication systems, web application firewalls, data loss prevention systems, file integrity monitoring systems, anti-virus/malware systems, and security incident and event management (SIEM).
- Possesses knowledge in various information security areas, such as: Identity and Access Management, Threat and Vulnerability Management, Information Risk and Governance, IT architecture, Monitoring, Incident Response and Security Strategy.
- Proven experience in highly complex environments.
- Must have excellent networking skills. Extensive knowledge of switching, routing, and firewalls is necessary.
- Must be well disciplined and comfortable making changes in critical 24x7x365 Data Center environments.
- Experience securing high-density virtualization computing and Microsoft workstation and server environments.
- Self-motivated and accountable for your work.
- Champion team success over individual accomplishment.
- Excellent written and verbal communication skills and executive level presentation skills.
- Ability to work on-call and occasionally overtime.