Security Administrator

Posted 6 months ago

Location: Dallas, TX, US
Job Title: Security Administrator
Job ID: 18099
Full/Part Time:
Regular/Temporary: Regular

Security Administrator

Security administration is a hands-on role that requires a high level of technical expertise. The person in this position is responsible for a broad range of tasks, including the day-to-day administration of information security tools and devices; support and analysis for security incident response actions; and architectural design of a wide variety of IT security systems across the enterprise – including network, operating system, and/or application based systems.

Additionally, as legal and regulatory compliance drivers continue to grow in impact and importance, many of the security administrator’s tasks may also be part of an audit support function.

The individual in this position interacts closely with security product vendors and service providers, with personnel from various ITO departments (including application development, operations and network, and client development), and with business departments.

Roles and Responsibilities

Primary Duties

  • Perform system security administration on designated technology platforms, including operating systems, applications and network security devices, in accordance with the defined policies, standards and procedures of the organization, as well as with industry best practices and vendor guidelines.
  • Perform installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems.
  • Perform threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities.
  • Apply patches where appropriate and, at the direction of the VP Security Operations, remove or otherwise mitigate known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards.
  • Locate and repair security problems and failures.
  • Collate security incident and event data to produce monthly exception and management reports.
  • Report unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes.
  • Assist and train junior team members in the use of security tools, the preparation of security reports and the resolution of security issues.
  • Develop and maintain documentation for security systems and procedures.
  • Research, recommend, evaluate and implement information security solutions that identify and/or protect against potential threats, and respond to security violations.
  • Provide guidance to junior members of the team.

Additional Optional Duties (depending on particular technical expertise/focus)

Event Management/SIEM Management

  • Respond to and, where appropriate, resolve or escalate reported security incidents.
  • Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution.
  • Investigate and resolve security violations by providing postmortem analysis to illuminate the issues and possible solutions.

Identity and Access Management (IAM)

  • Monitor internal control systems to ensure that appropriate information access levels and security clearances are maintained.
  • Assist with the development and implementation of integrated identity and access control solutions within the environment to support IAM functions – i.e. Windows domain architecture and Active Directory configuration; Unix and other operating system integration with main directory repositories.

Infrastructure Protection

  • Participate in infrastructure projects to develop, plan, and implement specifications for network and distributed system security technologies in support of key information systems.
  • Assist in the management of firewalls, intrusion detection systems, switches and routers.
  • Download and test new security software and/or technologies.
  • Support data encryption deployments, including key management.

Risk and Control Assessment

  • Implement or coordinate remediation required by audits, and document exceptions as necessary.
  • Perform system and application vulnerability testing.
  • Participate in enterprise testing and assessment activities.

Threat and Vulnerability Management

  • Research threats and vulnerabilities and, where appropriate, take action to mitigate threats and remediate vulnerabilities.
  • Review and assess penetration tests and vulnerability assessments on information systems and infrastructure, and mitigate their findings.
  • Recommend, schedule and/or apply fixes, security patches and any other measures required in the event of a security breach.
  • Monitor security vulnerability information from vendors and third parties.

Security Engineering

  • Maintain network security diagrams.
  • Support information security architectural requirements.
  • Participate in information security working groups.

Educational Qualifications

  • Minimum of two years of enterprise-level IT or network security experience:
      • One to two years of experience for a junior security administrator.
      • Three to five years of experience for a senior security administrator.
  • Bachelor’s degree in information systems, or equivalent work experience.
  • Certifications from Microsoft, Cisco, or other commonly used enterprise technical providers (depending on particular technical expertise/focus).
  • CISSP or equivalent is strongly desired (may be deferred depending on level of technical expertise).

Technical Competency

  • Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management.
  • Technical proficiency with security-related systems and applications, especially Microsoft Domain/Server level systems, Intrusion Prevention System (IPS), Security Incident and Event Management (SIEM), Data Loss Prevention (DLP), and/or network/host based forensics.
  • Experience in developing, documenting and maintaining security procedures.
  • Knowledge of network infrastructure, including routers, switches, firewalls, and associated network protocols and concepts.
  • Working technical knowledge of current systems’ software, protocols and standards.
  • Strong knowledge of TCP/IP and network administration/protocols.

Occupational Personality

  • Strong analytical and problem-solving skills to enable effective security incident and problem resolution.
  • Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously.
  • Ability to work well under minimal supervision.
  • Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors and IT-business personnel.
  • Strong written and verbal communication skills.
  • Strong customer/client focus with the ability to manage expectations appropriately; provide a superior customer/client experience; and build long-term relationships.

Job Features

Job Category: Administrator, Security Officer
