Job Description :
RESPONSIBILITIES
-Acts as a technical consultant for the enterprise, ensuring security processes for systems align with business needs, architecture and technical standards.
-Reviews reported incidents and potential phishing for malicious activity. Initiating incident response as necessary and responding to reporting users should the report be a false positive. -Review and analyze network traffic for potential malicious or abnormal activity.
-Work with network team to resolve and potential security issues.
-Work with the Senior Security Architect to review it assets and network for potential new vulnerabilities or threats that have arisen.
-Provides security guidance and training to IT associates, business information owners and business management.
-Assists in the development and maintenance of information security policies, standards, and procedures; and assist in resolving security policy issues and implementing security procedures. -Works closely with the Senior Security Architects to ensure security solution consistency with the enterprise architecture and strategy.
This includes the review of detailed specifications for security systems and he associated design, scalability, completeness, quality and performance. Proactively reviews and analyzes new or proposed security systems, tools and methodologies, assessing their risk and their value in support of security strategy and corporate goals.
-Monitor and maintain security tools that control and monitor information security, -Recommends and advise on security controls to support the data security needs of systems being developed or acquired.
- Monitor, investigate, and report on security events and incidents.
-Stays up-to-date on relevant security trends. Develops and maintains a network of contacts that can provide information.
-Assists with the development, documentation, implementation, and communication of an enterprise-wide information security strategy and policies.
-Bachelor''s degree from four-year college or university in computer science or related technical field; plus three years of work as a security analyst, engineer or incident responder; or equivalent combination of additional education after four-year degree and experience. Demonstrated track record of providing strong competent technical contribution on multiple security projects.
Security+, CISSP, SANS GIAC certification or equivalent Information Security certification.
Hands-on information security experience with security architecture, network security, and/or computing platform security to include application security, vulnerability scanning, data loss prevention, log management/SEIM, web filtering, use of firewalls access control lists, and Computer and Network Forensics. Information Security Frameworks and Standards (ISO, COBIT, NIST, etc. IT Security Risk and Compliance and malware prevention and detection. Encryption (SSL, PKI, file and session encryption), intrusion detection and/or intrusion prevention.