•File Integrity Monitoring (FIM) – Manage the day-to-day administration of the TripWire File Integrity Monitoring (FIM) system across the enterprise.
•Information Security – As a member of the Information Security team, this position will assist in the management of SEA’s global information security program; execute information security assessments within the organization and on third party vendors and service providers; ensure information security policies and controls are compliant with Payment Card Industry Data Security Standards (PCI-DSS); lead assessments to validate PCI-DSS compliance, working closely with our Qualified Security Assessor (QSA); manage risk assessments over proposed new technologies or infrastructure architecture changes; develop and provide security awareness training; respond to security incidents and generate incident reports; assist with the administration of key security program functions, such as firewall management, intrusion prevention, security assessments, Internet content filtering, and incident response.
•Desktop Engineering/Security – Provide technical oversight of vendor who manages endpoint security and patching, validating that appropriate security protection is being implemented; Manage Active Directory group policies related to desktop security; assist with desktop issues that cannot be resolved by tier 2 support.
•Must have strong understanding of general information security concepts & defense in depth
•Must have experience with several aspects of telecommunications and network security, including firewalls, IPS/IDS, penetration testing, vulnerability scanning, software code scanning, two-factor authentication, and cryptography
•Must have experience with access control systems and physical security
•Must have experience with application and systems development security would be a plus
•Must be familiar with current security practices in various version of software and operating systems, including Windows, Active Directory, SQL Server, IIS, .NET, and Cisco network equipment
•Must have a background in vulnerability assessments, risk analysis, and mitigation
•Must have excellent problem solving skills
•Driven to achieve goals and meet deadlines
•Strong interpersonal, written, and verbal communication skills; must be able to explain technical issues in business terms
•CISSP (Certified Information Systems Security Professional) or other industry certification would be plus
•Preference for working in a team-oriented, collaborative environment
•Prior desktop engineering experience (Windows 7) would be a plus; Mac/IOS knowledge would be a plus
Education and Special Skills
•BS in MIS, Computer Science, or equivalent experience
•CISSP (Certified Information Systems Security Professional) certification preferred
•Minimum 5 years of experience in an enterprise network environment
•Knowledge of current protocols and standards is required
•Expertise with Cisco firewalls and switches is required
•Knowledge of PCI DSS is preferred
SeaWorld Parks & Entertainment - 4 months ago