Essential Job Functions
Responsibilities (by % of time)
35%- Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as, and not limited to: IPS/IDS alerts, Application Firewall alerts, malware alerts, change detection (FIM) alerts, rogue wireless network alerts, security system health alerts, exploit attempt alerts, etc.
35%- Participate in a vulnerability management program that includes: external and internal vulnerability scans of applications and systems, external and internal penetration tests of applications and systems, the documenting and remediating of identified vulnerabilities and exploits, routinely monitoring various communication avenues for security vulnerabilities and security patches, taking a risk based approach comparing those security vulnerabilities and security patches across the operating environment, and making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities
15%- Support processes such as Managing web browsing protections, web content filtering, and web site category white-listing/blacklisting, support automated encryption/decryption and secure file transfer of sensitive business process files, manage internally generated SSL certificates and SSL certificates generated by a managed PKI vendor and internal Certificate Authority
10%- Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to: Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), emerging state and Federal privacy laws, and general security auditing
5%- Participate in the organization's incident response plan and perform incident reporting on an as needed basis
Ongoing- Must be able to work outside normal business hours when needed in order to perform diagnosis and/or implementation of product releases or changes so that normal business workflow is not interrupted
Ongoing- Regular and reliable attendance is required.
Ongoing- Incumbent is accountable for professional working behavior to include; building and maintaining constructive working relationships, implementing proactive and concise communication, acting as a resource to colleagues, and engaging in collaborative thinking and problem solving while demonstrating CSG’s core competencies and values.
External – Company clients, Security and service vendors, Security providers and consultants, regulatory auditors
Internal – Internal Audit, Compliance, Operations, Architecture and business units
Knowledge, Skills and Abilities
|Date Posted||August 11, 2017|
|Date Closes||September 10, 2017|
|Located In||Omaha, NE|
|Job Type||Full-time Employee|