Provide Company with the security expertise to analyze, design, audit, and enforce security standards with a focus in information security and/or infrastructure security.
DUTIES AND RESPONSIBILITIES
Participates in small to large infrastructure and application development projects to assess risk and implement appropriate controls balancing business need and security risk to the Company. Implements required controls and user access. Plans, estimates, and coordinates security tasks/projects with technical groups, lead security analysts, management, and users.
Researches, implements, and manages security software and associated processes for Company's infrastructure protection including antivirus, antispam, network monitoring, compliance monitoring, and perimeter protection systems.
Provides Tier 3 support for troubleshooting and providing solutions to security issues on a rotating basis, both after hours and weekends. Documents and escalates security incidents, as needed.
Performs and analyzes security vulnerability assessments for network infrastructure and systems. Provides recommendations to management.
Analyzes, designs, and implements corporate and departmental security processes supporting MGE's security program and compliance requirements. Creates and maintains up-to-date security documentation.
Provides direction, training, and review for less experienced Security staff. Monitors and enforces compliance with security procedures. Acts as a resource for discussing issues, audit findings, and/or implementation approaches with other staff.
Performs other duties as assigned including, but not limited to: providing backup for user access administration, coordinating security awareness program, monitoring and interpreting compliance requirements, and supporting business resumption program.
Education and Experience
Knowledge and Skills
- Bachelor's or Associate's degree with equivalent experience.
- Two to five years of experience.
- Experience administering user access and information security controls in a Windows 2003/2008 Active Directory environment and one or more of the following platforms: PeopleSoft, Lotus Notes, Top Secret, and/or Microsoft SQL.
- Experience analyzing, designing, and implementing infrastructure security controls in one or more of the following areas: Windows 2003/2008 Active Directory, database, network and/or firewall environments, remote access, and/or vulnerability assessments and malware protection.
If you are interested in applying for this position, click on "Apply for this Position" below.
- Excellent diagnostic and analytical skills.
- Working knowledge of information security best practices, security compliance requirements, policy development, and auditing processes.
- Able to multitask and effectively prioritize workload.
- Excellent written and oral communication skills.
- Able to work with various levels of staff and management throughout the organization to negotiate decisions on the design and implementation of security controls.
- Ability and desire to work individually and in a team environment.
Madison Gas and Electric - 18 months ago