Job Summary
This position is an experienced, hands-on technical lead performing IT security functions, especially those related to endpoint protection and network security. Ensures the implementation of robust security measures to protect organization communications and control networks, reducing the risk of unauthorized access and cyber threats. Implements and maintains effective measures to prevent data leaks, safeguarding sensitive information and ensuring compliance with data protection policies and regulations. Regularly assesses, tunes and enhances the effectiveness of network and endpoint security measures, including encryption protocols, and leads continuous improvement initiatives to enhance the organization's overall security posture. Utilizes information security technologies such as antivirus, IDS/IPS, SIEM, endpoint detection & response, DLP, data encryption, proxies, and network access control, as well as security policies and procedures, and incident response.
Job Responsibilities
Responsibilities include:
• Manages Network, Endpoint, and Data security technologies including:
• Provides technical expertise in threat/risk assessments for Network, Endpoint, and Data security related activities
• Defines, designs, and implements Network, Endpoint, and Data (NED) security strategies to protect against emerging threats using security tools
• Performs security reviews on new NED technologies and changes to existing NED technologies
• Performs analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security
• Evaluates network infrastructure vulnerabilities to enhance capabilities being developed
• Utilizes information security technologies
• Provides technical expertise in threat/risk assessments
• Defines, designs, and implements strategies to protect against emerging threats using security tools
• Supports the response to security incidents as needed.
• Supports threat hunting function to discover potential cybersecurity events as requested.
Job Specific Qualifications
Required Qualifications:
• Bachelor’s degree and 4 years of relevant cyber security experience
• In lieu of a degree, 8 years of cyber experience
• Technical experience includes: information / data / network / computer security design, administration and/or assessment.
• Broad knowledge of information systems including Windows security, network security, systems development, communication networks, security software/hardware and operating systems.
• Experience with key information security technologies such as SIEM, firewalls, intrusion detection/prevention systems, vulnerability assessment, encryption, identity and access control systems, anti-malware, and security event analysis.
• Demonstrated hands-on technical experience performing IT security functions and maintaining systems, while providing technical guidance to the team.
• Experience providing technical expertise and support to clients, IT management and staff in cybersecurity threat risk assessments, development, testing and the implementation and operation of appropriate information security plans, procedures, and control techniques.
• Proficient in engineering solutions to prevent, minimize or quickly recover from cyber-attacks or other serious events.
• Experience with incident response and threat analysis, including SIEM technology.
• Demonstrated ability to follow cyber security news and alerts in order to understand complex attack vectors and risks including the ability to identify and evaluate emergent cyber security threats and vulnerabilities.
• Experience in recommending appropriate corrective actions for information security incidents and providing risk mitigation recommendations to management and team.
• Experience with cloud computing and implementation of strong security protection in a cloud environment.
• Experience designing process flows to be implemented in security automation tools to automatically respond to threats quickly and effectively.
• Ability to work independently with little or no supervision.
• Demonstrated strong verbal and written communication skills.
• Excellent leadership, technical teamwork, and interpersonal skills.
• Experience working in a team environment, with experience teaching and learning from other team members.
• Ability to foster working relationships with the team, IT Management and Client departments.
• Ability to explain technical concepts to the business users in the context of business requirements.
Please Note the Following:
• NERC CIP position; requires a NERC CIP background investigation prior to start
Desired Qualifications:
• Industry Security certifications such as SANS, CISSP, etc.