Job Description :
Title: IT Security Engineer Level III
Duration: 6+ Months
Location: Richmond, VA
Job Description:
Position Summary
In this role, the person will design, and monitor internal and external access controls, security safeguards and associated processes to protect the confidentiality, integrity and availability of -information systems assets. Participate in evaluating new technologies and applications, assessing vulnerabilities and risks, detecting and responding to incidents, and recommending appropriate safeguards. Assist in the evaluation, selection, implementation and administration of security software across platforms. Assist in implementing policy and control frameworks and promoting security awareness and compliance throughout the corporation.
The individual in this position interacts closely with product vendors and service providers, personnel from various IT departments — including Service Desk, Data Center, and Server Admin teams — as well as with business departments. In-depth knowledge of - operating systems and security applications, as well as expert knowledge of network protocols and tools, is required.
Day-to-day Functions Include (but Not Limited To)
Develop and implement an information system security policy
Design, implement and maintain network security guidelines and a security infrastructure for the corporation.
Develop and ensure successful implementation of security policies, standards and plans to ensure the protection of corporate data against unauthorized use, access, modification and destruction.
Develop and implement penetration testing and procedures.
Develop, implement and maintain an alerting, archival and event log management system.
Monitor compliance with information security policies and procedures. Monitor network, devices and servers for security violations
Conduct data security forensic analysis and risk assessment for the entire infrastructure
Develop and maintain a disaster recovery plan
Assist departmental technical staff in identifying and implementing appropriate security safeguards
Review logs and alerts for anomalies and potential security breaches
Develop and maintain an adequate Security Awareness Program
Coordinate and monitor security access for all applications
Prepare monthly reports on security incidents and security status
Perform related and special duties as assigned
Develop and implement application and database security.
Develop and implement source code security analysis
Serve as a security expert in applications development and database design efforts
Research, design, and advocate new technologies, architectures, and security products that will support security requirements
Contribute to maintenance and development of application and database security strategy and architecture
Analyze business impact and exposure based on emerging security threats, vulnerabilities, and risks.
Ensure adequate security solutions are in place to mitigate identified risks sufficiently to meet business objectives and regulatory requirements
Responsible for ensuring compliance with applicable laws, regulations and company policies across areas of organizational responsibility