The Security Specialist will be responsible to ensure security is designed into the application implementation from the
infrastructure and software integration through testing and go live. As Information Security Specialist you will
be accountable for having detailed knowledge in a broad range of Information Security disciplines and to educate and drive the implementation and standardization of the company’s enterprise security program. This will involve contributing to the
development, maintenance, and implementation of the enterprise security program, and helping to ensure the overall achievement and compliance with the security goals, SoX regulatory requirements, and company direction. This person will bring industry insight and information security understanding and implementation experiences to establish security approaches and deployment plans to initiate and drive the security function into the organization.
Works with the business units and with other risk functions to identify security requirements, using methods that include risk and business impact assessments.
Performs control and vulnerability assessments to identify weaknesses and assess the effectiveness of existing controls, and recommends remedial action to the Manager of Infrastructure in conjunction with the CIO.
Reports to Infrastructure Manager concerning residual security risk, vulnerabilities and other security exposures, including misuse of information assets and non-compliance.
Develops the methods to evaluate and measure the security maturity and understanding of the business units
Work with communications functions as well as corporate communications to provide companywide education and advocacy on the information security topics.
Participates in project reviews, and evaluation (such as audit) reviews to understand the issues and gaps, factor into continuous improvement and alter/enhance the education and communication plans regarding security.
Plays an advisory role in application development or acquisition projects, to assess security requirements and ensure that security controls are implemented as planned.
Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle.
Builds business cases to establish, grow and change business groups, functions and technologies towards security compliance and best practice.
Contributes to the development and growth of WireCo’s Security Program, accounting for security architecture, policies, principles and standards.
Develops standard awareness and overall education/outreach programs related to information security and establish a mechanism to monitor and measure Information Security Risk understanding and maturity level.
Defines, implements, and maintains security configuration and operations standards for security applications, compliance tools, network security appliances, and host-based security systems. This includes but is not limited to SPAM/Web Filters, Firewalls, Intrusion Detection/Preventions Systems, and monitoring software.
Assists with MACD processes regarding employee’s physical access to WireCo’s secured facilities, rooms, and/or closed areas.
Periodic review of current access will be required.
Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems.
Analyzes logs from security appliances/servers and provides corrective actions/recommendations to ensure all enterprise systems and applications are functioning and secure.
Configure, monitor, and support IP Networks using MPLS, IPSEC, and VPNs.
Other duties as assigned.
University degree in relevant subject area (Computer Science, Computer Management, Information Assurance focus etc.) or, equivalent work experience
Capable of multitasking security activities in a fast paced, multifaceted environment
Must have the ability to work well with customers, peers, and management
Must have excellent time management skills
Basic understanding of IP networks, routing, firewalls, and intrusion detections systems
Proficient with the Microsoft Office Suite, Visio and SharePoint
Bilingual in Portugese, Spanish or Polish is a plus.
Knowledge and experience in Networking, TCP/IP, Cisco routers, CISSP (Certified Information Security Professional) is preferred.
WireCo WorldGroup - 15 months ago
WireCo WorldGroup is the global leader in manufacturing, engineering and distributing wire rope, wire rope assemblies, high carbon wire,...