Reach Your Peak with ICMA-RC, a FINANCIAL SERVICES LEADER in public sector employee retirement products and services. Headquartered in Washington, DC, our Financial Services Corporation manages over $40 billion in retirement plan assets for more than one million participant accounts. We are constantly looking for ways to create new opportunities to serve our participants. We have an extraordinary talent base and invite you to consider joining ICMA-RC's Information Security team.
This position is responsible for ensuring the secure operation of the in-house computer systems, servers, and network connections. This includes checking workstation and server logs, scrutinizing network traffic, reviewing virus scans, and troubleshooting issues. This position will also analyze and resolve server security breaches and vulnerability issues in a timely and accurate fashion, and conduct user activity audits where required. IT professional must be aware of the five emerging trends that are changing the IT skills landscape: mobility, cloud, big data, social media, and security.
Essential functions for this role include:
• Develop, implement, maintain, and oversee enforcement of policies, procedures and associated plans for system security and system access based on industry-standard best practices.
• Establish and ensure secure configurations for hardware and software on servers, workstations, laptops, mobile devices, and on various operating systems such as Windows, Unix, Linux and VMware etc.
• Develop the processes and tools such as file integrity checking and automated configuration monitoring to track/control/prevent/correct security weaknesses in the configurations of the hardware and software of servers, workstations, laptops, and mobile devices based on a formal configuration management and change control process.
• Familiar with publicly available baseline security configuration standards such as those developed by the Center for Internet Security (CIS), National Institute of Standards and Technology (NIST) etc.
• Review and revise security configurations for all IT systems, as appropriate, when the IT system undergoes a material change, such as an operating system upgrade.
• Monitor and interpret server logs, security logs, and network traffic for unusual or suspicious activity and make recommendations for resolution.
• Establish a process to review applicable security notifications issued by equipment manufacturers, software publisher, bulletin boards, security-related web sites, and other security venues, and establish a process to update security baseline configuration standards based on those notifications and conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts.
• Recommend individual IT system configurations or baseline security configuration standards, as appropriate, to improve their effectiveness based on the results of vulnerability scanning.
• Coordinate and collaborate with server infrastructure engineering, network infrastructure engineering, business application development, and database administration function to ensure confidentiality, integrity and availability of corporate servers to meet business demands.
If you have the following credentials, we encourage you to apply:
• BA /BS Degree or equivalent work-related experience.
• 5+ years equivalent work experience in a technical analytical position responsible for securing server environments.
• Advanced knowledge of at least 4 of the following: Win 2003/2008, Unix Solaris, RedHat, Linux, VMware, Exchange, Citrix, SQL, IIS, Proxy, Apache, SendMail, Domino.
• In-depth knowledge of UNIX and Microsoft client and server operating systems and experience hardening UNIX, Windows systems.
• Working knowledge of server application level security. (email, database, web server, etc.)
• Familiarity with TCP/IP and other network protocols, and operating system configuration.
• Strong Network LAN/WAN knowledge and troubleshooting skills are mandatory.
• Written and verbal communication skills, including technical writing and organizational skills.
• Business process and reengineering experience, as well as an understanding of the relationship between processes and policies.
• Must be able to recognize and mitigate server security threats.
• Strong knowledge of Information security principles and practices.
• Ability to conduct research into server security issues and products as required.
• Able to work in a team-oriented, collaborative environment.
• Preferred Certifications: CompTIA Security+ Professional (Security +), Certified Ethical Hacker (CEH), Microsoft Certified System Engineer (MCSE), Certified Information Systems Security Professional (CISSP)
For your well-being, we offer a solid compensation and benefits package that features a competitive salary, a straight-forward incentive plan that rewards results, and a 401(k) Plan.
For your career, we offer tuition reimbursement, professional development courses, seminars, career enrichment assignments, mentoring programs and a record of enterprise growth that creates continuing opportunities for career advancement.
Consider ICMA-RC, and respond in strictest confidence. ICMA-RC is an Equal Opportunity Employer that values diversity in the workplace. Minorities and women are encouraged to apply. We look forward to hearing from you.