Job Description :
Duties & Responsibilities:
Evaluate, design, select and implement new improvements to processes and existing tools while maintaining an eye on technology to further strengthen the security posture.
Emphasis on operational processes while enabling the business use cases. This includes preparing project plans and budgets.
Provide security consulting and design services to the business and greater IT team.
Optimize our existing security tools and processes.
Serve as a project leader for technical security projects.
Author system and operational documentation.
System management and administration of information security systems and tools.
Identification and development of critical alerts and signals for monitoring.
Consult with production operations, infrastructure engineering and corporate IT on technical security issues.
Conduct vulnerability assessments, risk assessments and pen tests on our software, architecture and vendors.
Design and oversee the execution of internal security testing methodologies and execution.
Perform security investigations, and serve as an escalation point for technical security issues.
Supervise and mentor the security operations team.
Provide metrics and KPI’s around the security footprint.
Management of remote security team(s
Other duties as assigned.
Requirements:
3+ years professional experience administration of server Operating systems: Windows and Unix/Linux.
1-2 years professional experience with Cisco networks.
5+ years professional experience in dedicated information security role.
3+ years professional experience in performing information security operations.
Strong experience with Active Directory and Windows Engineering.
Possess strong knowledge of system, database and network security.
Experience with central logging tools, methodologies and best practices.
Past experience in tools such as Nexpose, Bit9, CarbonBiack, PaloAlto, Fireamp, Access Data, Cylance, CyberArk, etc.
Past experience in monitoring centralized log collection and SIEM (IBM QRADAR a plus
Experience with standards frameworks such as ISO 27001, NIST 800-30, NIST 800-53.
Strong verbal and written communication skills, fluent in English.
Strong organizational, operational, presentation, and process capabilities.
Strong work ethic and motivation. Ability to deal with fast-paced and stressful situations.
Must be able to work collaboratively across divisions and physical locations.
Familiarity with computer system hardware and software installation and troubleshooting.
Strong understanding of security principles, tools and processes.
This is a hands on role 50% operations and 50% security administration, must be willing to perform hands on work.
Experience working with internal and external auditors.
Strong communication skills with IT and non-IT professionals.
Education & Certifications:
BS Computer Science, Computer Engineering, Computer Information Systems, Information Systems, Computer Systems Engineering, or equivalent education and experience.
CISSP, CISA, CSSLP certifications a plus; Professional certification mandatory within 1 year.