Requirements and skills
Solid knowledge of the theory, concepts, and practice of computer networks and security technologies sufficient enough to learn a new product (with no formal training) well enough to provide technical support to its users, and to coordinate implementation with other technical professionals.
Thorough knowledge of microcomputer and data communication hardware; telecommunication concepts, topologies, and protocols; local and wide area networking.
Ability to keep abreast of the technical solutions available in the marketplace and ability to recognize their applicability at agency.
Must be able to recognize when a process requires additional controls and then implement appropriate procedural changes.
Excellent problem-solving, analytical, planning, and project management skills.
Ability to communicate in oral and written form to users at all levels of the company; particularly requires the ability to convey technical information to a non-technical audience. Long and short term planning skills, including basic financial analysis tools such as cost benefit analysis.
Looking for someone with Varonis Systems or IBM Guardium experience
Minimum 2 years of experience with management of the Azure Information Protection platform
2-4 years' experience with Information Security and Interpersonal Skills.
Responsibilities
Participate in the development of, manage and maintain an agency Data Classification process where sensitive data that is housed within agency applications can be identified and cataloged.
Research and make recommendations for further protecting sensitive data and/or provide additional security technologies to serve this purpose.
Ensure that Secure Application Coding techniques are followed during application development phases through integration of these requirements into the SDLC.
Assist with the process of performing application code reviews, system vulnerability assessments, and penetration testing to test the strength of the agency computing environment.
Assist with the process of maintaining and administering of the Azure Information Protection, and other Digital Rights Management technologies.
Administer the Cryptography & Key Management (PKI) processes across the agency computing environment.
Assist with the Server and Network Hardening processes performed by the infrastructure teams and perform Hardening Validation testing to ensure that policies and guidelines are being adhered to.
Research and recommend the appropriate levels of infrastructure security required for the Cloud, Virtualized, Middleware, and Database environments, and manage the administration of security on these platforms to ensure that adequate controls are in place.
Assist with the process of implementing and maintaining current and supported levels of Anti-Malware and Anti-Spam technologies to protect the agency computing environment.
Assist with the implementation and administration of Data Loss Prevention technologies including but not limited to Full Disk Encryption, Removable Media Encryption, and port protection technologies.
Perform the implementation of the technical security for Mobile Device Management and control access to the Air Watch Administration platform to ensure that adequate controls are always in place.
The purpose of this position is to support the research, procurement, implementation, and ongoing operation and maintenance of all information security technologies that are designed to protect the corporate infrastructure at the host, endpoint, cloud, application levels.
This position is responsible for ensuring that sensitive data is identified, and that it is properly protected through the use of the appropriate security