- Serves as the subject matter expert supporting multiple disciplines of information security including security architecture, standards, solutions design and implementation; handles development of standards/procedures in compliance with policies, state and federal regulation, and security best practices; manages the secure operation of the company’s computer systems, firewalls, servers, and network connections; provides security solutions to internal customer and constituents; partners with project teams to ensure that security is designed in to all technology initiatives; recognizes areas of improvement within the environment, and balances those initiatives with organizational goals.
Principal Duties & Responsibilities
- Takes a lead role in mapping security standards to technical solutions in support of business needs.
- Works with project teams, architects, and constituents to design and implement security solutions in support of corporate information security policy, regulatory requirements, and security best practices.
- Works as part of the development team to maintain the security and regulatory compliance of systems architected, built, installed and used by the company.
- Researches, analyzes, and recommends the implementation of software or hardware changes to rectify any infrastructure security deficiencies or to enhance security performance.
- Conducts research on emerging products, services, protocols, and standards in support of security enhancement and development efforts; tests new security software and/or technologies.
- Provides ongoing engineering support for security systems including firewalls, virus protection systems, Web filters, computer forensic systems and network, and host-based intrusion detection and prevention systems
- Creates audits, and reports the enforcement of policies, procedures and associated plans for system security administration, and user-system access as defined by company standards.
- Contributes to the design and implementation of the disaster recovery plans for security of the company’s computer systems, databases, networks, servers, and software applications
- Develops technical security standards in support of information security policies and principles
- Ensures that planned testing activities are performed and technical criteria are met
- Plans and monitors the installation of distributed infrastructure systems
- Performs other related duties as required.
Education & Experience Required
- Minimum Required Bachelor’s Degree Information Security, Computer Science, Information Systems or a related field
- Minimum Required Six or more years experience in information security, engineering or professional related work experience
- Minimum Required Advanced knowledge of multiple security technologies (firewalls, IPS, DLP, antimalware, proxies, WAF, etc.)
Education & Experience Preferred
- Preferred Certifications CISSP or other information security related certifications within a given field are preferred (i.e., Microsoft Windows, Cisco, TCP/IP, etc.)
Or an equivalent combination of education and experience.
Job Knowledge & Skills
- Networks (TCP/IP)
- Schematic Architecture Design
- Data Access and User Administration
- Data Security
- Development Requirements Definition
- Network Security
- Security Risk Management
- Server Hardware + O/S Management
- Systems Security and User Administration
- Systems Security Maintenance
- Systems Security Policies and Procedures
- Systems Security Testing and Auditing
- Information Security Technology
- Acting with Integrity
- Communicating Effectively
- Pursuing Self-Development
- Serving Customers
- Supporting Change
- Supporting Organizational Goals
- Working with Diverse Populations