Essential Duties & Responsibilities:
- Ability to lead the evaluation, troubleshooting, and identification of issues with security infrastructure technologies at an enterprise level.
- Conduct risk assessments; coordinate audit engagements with relevant parties; maintain policies, standards and procedures designed to safeguard information and resources.
- 4+ years of IT infrastructure proficiency and experience that could include one or more of: Encryption, Tokenization, Forensics/eDiscovery, Penetration Testing, Firewalls (OS, WAF), Proxies, Gateways, Routers, VPN.
- Highly proficient supporting Network, Operating System, Database, Web Applications & Data layers, providing an escalation point for technicians.
- Design audits of computer systems to ensure they are operating securely, and that data is protected from both internal and external attack. Make recommendations for preventive measures as necessary.
- Expert security tool user, able to build out, configure, monitor, and mine for interesting data.
- Reporting capabilities through SQL, SharePoint, Splunk, Cacti, and other tools.
- Able to define KPIs and build relevant reporting solutions.
- Provide incident response support as a toolset-specific Subject Matter Expert for security events including but not limited to intrusion detection, malware infections, denial of service attacks, privileged account misuse and network breaches.
- Conduct vulnerability assessments and security reviews through penetration tests to determine deviations from acceptable configurations, policies, and standards.
- Provide security expertise and technical leadership to the Network Technicians and Systems Architects teams.
- Demonstrated skill at administering complex security controls and configurations to computer hardware, software and networks.
- Experience in incident, change, and problem management.
- Review new and existing systems design projects and procurement or outsourcing plans for compliance with standards and architectural plans.
- Lead investigations of security violations and breaches and recommend solutions; prepare reports on intrusions as necessary and provide an analysis summary to management.
- Support the integration with distributed cyber security toolsets. This may include leveraging existing technologies within the organization, programming, scripting, or other software and system integration work.
- Perform other duties as assigned to support the efficient operation of the information technology department.
Skills:
- Ethical Hacking: Expose weak points and identify potential threats so that the organization can protect itself from malicious hackers. This includes penetration testing, during which an analyst will test networks, computers, web-based applications, and other systems to detect exploitable vulnerabilities.
- Intrusion Prevention: Monitor network traffic to detect potential threats and respond to these threats promptly.
- Computer Forensics: Manage the negative effects of an attack or breach, from minimizing the impact to altering security controls for future prevention.
- Reverse Engineering: Analyze and comprehend software in order to patch a bug or analyze malware.
- Knowledge / Experience: SIEM technologies, log harvesting/routing/management tools, security analytics platforms, network recording and forensic offerings. Additional cyber security toolsets, including fraud monitoring, data leakage prevention, and privileged access monitoring. Information security practices, networks, software, and hardware. Working with computer programming is a plus.
Education:
- Bachelor’s Degree in Information Technology preferred.
Attitude:
- Strong communications and presentation skills