Serves as the subject matter expert supporting multiple disciplines of information security including security architecture, standards, solutions design and implementation; handles development of standards/procedures in compliance with policies, state and federal regulation, and security best practices; manages the secure operation of the company's computer systems, firewalls, servers, and network connections; provides security solutions to internal customer and constituents; partners with project teams to ensure that security is designed in to all technology initiatives; recognizes areas of improvement within the environment, and balances those initiatives with organizational goals.
Principal Duties & Responsibilities
- Takes a lead role in mapping security standards to technical solutions in support of business needs.
- Works with project teams, architects, and constituents to design and implement security solutions in support of corporate information security policy, regulatory requirements, and security best practices.
- Works as part of the development team to maintain the security and regulatory compliance of systems architected, built, installed and used by the company.
- Researches, analyzes, and recommends the implementation of software or hardware changes to rectify any infrastructure security deficiencies or to enhance security performance.
- Conducts research on emerging products, services, protocols, and standards in support of security enhancement and development efforts; tests new security software and/or technologies.
- Provides ongoing engineering support for security systems including firewalls, virus protection systems, Web filters, computer forensic systems and network, and host-based intrusion detection and prevention systems
- Creates audits, and reports the enforcement of policies, procedures and associated plans for system security administration, and user-system access as defined by company standards.
- Contributes to the design and implementation of the disaster recovery plans for security of the company's computer systems, databases, networks, servers, and software applications
- Develops technical security standards in support of information security policies and principles
- Ensures that planned testing activities are performed and technical criteria are met
- Plans and monitors the installation of distributed infrastructure systems
- Performs other related duties as required.
Education & Experience Required
- Minimum Required Bachelors Degree Information Security, Computer Science, Information Systems or a related field
- Minimum Required Six or more years experience in information security, engineering or professional related work experience
- Minimum Required Advanced knowledge of multiple security technologies (firewalls, IPS, DLP, antimalware, proxies, WAF, etc.)
Education & Experience Preferred
- Preferred Certifications CISSP or other information security related certifications within a given field are preferred (i.e., Microsoft Windows, Cisco, TCP/IP, etc.)
Or an equivalent combination of education and experience.
Job Knowledge & Skills
- Networks (TCP/IP)
- Schematic Architecture Design
- Data Access and User Administration
- Data Security
- Development Requirements Definition
- Network Security
- Security Risk Management
- Server Hardware + O/S Management
- Systems Security and User Administration
- Systems Security Maintenance
- Systems Security Policies and Procedures
- Systems Security Testing and Auditing
- Information Security Technology
- Acting with Integrity
- Communicating Effectively
- Pursuing Self-Development
- Serving Customers
- Supporting Change
- Supporting Organizational Goals
- Working with Diverse Populations
The statements below describe the general nature and level of the work and are not an exhaustive list of all responsibilities, duties, and skills required.
Normal office environment (virtual or in-person)