Monitor and advise on information security issues related to Company systems to ensure the internal security controls are appropriate and operating as intended.
Manage vendors relative to Information Security systems and services.
Assist with the design, deployment, and maintenance of the following Information Security systems: File Integrity Monitoring, Security Vulnerability Management, Security Information and Event Monitoring, Encryption and Key Management, Certificate Management, Privileged Access Management, Web Application Vulnerability Management and Web Application Firewalls.
Assist with the coordination and execution of Information Security projects and tasks.
Coordinate response to information security incidents.
Assist with the development and review of Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
Assist with design and deployment of Information Security metrics tracking.
Conduct security research in keeping abreast of latest security issues.
BA or BS in Computer Science, Management Information Systems, or 10 yrs of commensurate work experience.
Five+ years of progressive experience in computing and information security, including experience with TCP/IP network design and deployment.
Experience should include security policy development, security education, network penetration testing, application vulnerability assessments, risk analysis and compliance testing. CISSP, GIAC, or other security certifications desired.
Knowledge of information security standards (e.g., PCI DSS, ISO 17799/27002, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, etc.) and desktop, server, application, database, network security principles for risk identification and analysis.
Strong analytical and problem solving skills.
Excellent communication (oral, written, presentation), interpersonal and consultative skills.
Required 5 Years: Progressive experience in computing and information security - including experience with TCP/IP network design and deployment
Required 3 Years: Experience with security policy development, network penetration testing, application vulnerability assessments, risk analysis and compliance testing
Required: Knowledge of info security standards (e.g., PCI DSS, ISO 17799/27002, etc.), rules and regulations related to info security and data analysis.
Required: Strong analytical and problem solving skills
Required: Excellent communication (oral, written, presentation), interpersonal and consultative skills
Desired 10 Years: Work experience in Information Security Engineering/Analysis
Desired: CISSP, GIAC, or other security certifications
Desired: BA or BS in Computer Science/Management Information Systems
Information Technology - 18 months ago