Job Description :

Technical Phone Screen with hiring manager

2nd interview - onsite

Reports To Manager, Security
(Job Title): Operations
Division: Information Services Department: Corporate Risk Org
Business Unit: Corporate Risk Dept

Work Location:Louisville Full Part Time Shift:

# of Direct 0 # of Indirect 0 Exempt Non-Exempt
Reports: Reports:

Please indicate whether a primary focus of the job is:

Managing others Providing technical expertise (Not Managing Others) Position Summary: Describe below the primary purpose and function of this job Follow a coherent and comprehensive suite of information security procedures to address those risks that are deemed unacceptable, and ensure the information security controls continue to meet the organization''s needs on an ongoing basis. Stay current with security threats and technologies to ensure that existing technology is properly tuned or if there is a need to procure and implement new technologies to mitigate or reduce risk. Provide second tier support advice and guidance to security operations engineers on implemented technologies. Ensure incident response and disaster recovery procedures are up to date and executable.

Key Roles & Responsibilities: List up to 6 key roles and responsibilities of this job.

1. Keep implemented security products up to date and tuned for peak performance within the CLIENT environment.

2. Integrate and automate tasks with implemented security technologies using APIs and scripting technologies.

Ensure compliance with CLIENT''s policies and procedures, payment card industry (PCI) standards, and international organization for standardization (ISO27001) standards; assesses local (LAN) and wide area network (WAN)

3. environments security posture and topology, reviews security relevant documentation, and preparing papers discussing results of analysis to help protect and secure CLIENT data, infrastructure, and systems and educate stakeholders on possible threats.

4. Respond in a timely manner to security events and incidents

Test, recommend and implement new technologies, including working with

5. other business technology teams and groups to assess, implement, and monitor technologies within areas outside security operations.

Be SME on implemented security technologies and have good understanding

6. of enterprise business technologies to be able to assist security operations engineers at a second tier level.

Functional Knowledge: Describe breadth and depth of knowledge of functional work and activities required

Hands on experience in multiple security areas such as: intrusion detection\prevention, enterprise anti-virus, threat management, vulnerability management. Ability to write understandable reports including process or product

improvement recommendations, root cause analysis, security summary analysis, and project roadmaps.

Business Expertise: Describe knowledge and expertise required about the business and industry in which the business functions

Unix and Windows services experience; detailed understanding of next generation firewalls and web application firewalls.

A strong understanding of encryption technologies, DLP, multi-factor authentication, email filtering, API integration and scripting.

Leadership: Describe the nature of leadership required and guidance provided to others

No supervisory responsibility. Work as a part of a team to address complex problems requiring team work/collaboration to diagnose and resolve. Manages own work, with limited oversight from manager.

Problem Solving: Describe the level of analytical thinking required to perform the job

Rely on judgment and experience to solve complex information security problems in a constantly changing environment. Stay abreast of new security vulnerabilities, understand how they impact CLIENT''s products and systems, and recommend remediation to reduce risk.

Impact: Describe the level of responsibility and resulting impact on the business Responsible for the impact of their own work; however their work, when not done properly, can put the company at risk of cyber security vulnerabilities. These risks also impact our compliance with ISO and PCI protocols.

Interpersonal Skills: Describe the level and type of "people skills" that are normally required to do the job

Strong verbal and written communication skills and ability to work with all levels of the organization. Must be comfortable working collaboratively within the team, and across departments to answer questions, give instructions, and resolve security problems.

Scope Information:
Revenue ( P&L): Yes No Annual dollars:
Operating Budget: Yes No Annual dollars:
Job Requirements And Qualifications: Indicate the minimum and preferred education and
experience for this job and any licenses and certifications required.
Minimum Education: Bachelor''s Degree, or Preferred Bachelor''s Degree
equivalent experience Education:

Minimum Experience: 3-5 years Preferred 3-5 years

Required One of the following certifications preferred - CCNA, MCSE, Cisco
Licenses/Certifications: Security Specialist or CISSP, or equivalent

Skills/Abilities: These skills and abilities are not necessarily used in the evaluation of jobs, but will be used in the creation of job postings and advertisements.
Bachelor''s Degree in Computer Science or related field, or equivalent experience.

5+ years working in an IT field required; 3+ years of Information Security experience preferred.
3+ years installing and implementing complex technologies

3+ years of experience with application/network/OS security products

1+ years working with APIs and workflow integration

Success Criteria: Please describe what success looks like for this role. What would be achieved if this position was performing as expected?

This position is successful when:

All legal, physical and technical protocols are followed and CLIENT''s information and infrastructure is secure from outside attacks

This position collaborates effectively with other team members and departments to mitigate and explain risks, the information security group will be successful as a team.

Background Requirements: Indicate the level of background required for this position, and the frequency.

Level 2 (criminal + Background Check
Level 1 (criminal only) As required.
credit) Frequency:
On Call Responsibilities:

Is this position on call? Yes