This position is responsible for keeping up to date on the latest cyber security threats and how they could impact the organization, as well as threat monitoring and mitigation. Must be familiar with industry publications and resources used for identifying vulnerabilities. Requires the ability to review internal security systems such as firewall, IPS, and anti-virus systems. Provide best practice configuration recommendations for network and server infrastructure, as-well-as implement best practice hardening procedures and installation of patches and other mitigations. The position also directs ongoing risk assessment and compliance tasks and leads the development and maintenance of the organization’s information technology security strategy.
Research / Analysis:
•Maintain up to date knowledge of new and existing cyber security threats.
•Understand threat levels as they relate to compliance.
•Must understand multiple threat vectors and how each could impact the organization.
•Run internal and external vulnerability assessment and penetration scans.
•Evaluate system configurations for compliance with best practice system hardening.
•Assist in new product evaluation, capacity and resource planning.
•Identify key security program elements and determine which business units or departments must be involved in building a comprehensive information security programs, awareness programs, or compliance assessments.
Reporting / Documentation:
•Must be able to provide concise reports to multiple audiences from technical to executive.
•Communicate critical status of issues and activities to senior team members and management in a clear and timely manner.
•Recommend improvements to reduce incidences and increase stability.
•Must be able to prioritize threats and provide recommended actions.
•Document and update vulnerability tickets.
•Complete change management requests and update patch logs.
•Contribute to an issue resolution knowledgebase.
•Direct the development and enforcement of information security and privacy policies in compliance with federal and state regulations and standards.
•Provide information to support security audits.
•Develop and maintain metrics from Incident Reporting systems and for other key technology processes.
Hardening / Mitigation:
•Must understand desktop, server, and networking hardening procedures.
•Configure systems to meet hardening requirements.
•Deploy system patches and updates.
•Participate in afterhours maintenance events.
•Work with various service providers to resolve security related issues.
•Serve as an expert security advisor to the senior IT leadership team, in development, implementation, and maintenance of an information security infrastructure.
•Act as the primary control point during significant information security incidents.
•Serve as main contact with regard to applicable regulatory and audit requirements to ensure compliance with industry, State and Federal security requirements and ensure departments consider information security risks in both ongoing and planned operations.
•Maintain relationships with local, state and federal law enforcement and other related government agencies. Monitor information security trends internal and external and keep the IT senior management team informed about information security-related issues and activities affecting the organization.
•Diagnose and quickly resolve problems in highly critical production environment.
•Fully support enterprise policies and standards of performance excellence by delivering exemplary services to all requestors.
•Train others in complex issue resolution and new technologies to be implemented.
•Develop and administer IT security training and awareness programs.
•Assist in development of disaster recovery strategy and procedures. Actively participate in system recovery activities.
•Support organizations cybersecurity initiatives.
•Maintain confidential and sensitive information.
•Assist with planning, testing, and implement new operation system releases, software upgrades, and information security tools and updates.
•Maintaining firewall security and general configurations.
•Manage reporting tools and processes for technology team and support tool usage for other users within the organization.
•Any other duties as assigned by management.
•Ability to identify and mitigate server and network vulnerabilities.
•Understanding of patch management systems and understanding of deployment strategies to minimize business impact.
•Strong technical understanding in information security technology along with experience in the challenges of providing a secure IT environment.
•Experience with server and network vulnerability and penetration testing.
•Demonstrated knowledge of Industry Standard Tools for enhancing security practices.
•Working knowledge of firewalls, SIEM, IPS, and antivirus systems.
•Experience with incident reporting system management, support and status/metrics reporting.
•Experience with information security tools and processes.
•Experience in Change Management best practices.
•Ability to demonstrate strong customer service skills and ability to effectively present technical ideas, solutions, and proposals to a diverse group of individuals.
•Strong interpersonal and written communication skills and the ability to work effectively with a wide range of constituencies.
•Proficient working knowledge of network configuration.
•Experience with Cisco devices.
Experience as a Server Admin.
Experience as a Network Admin.
Knowledgeable in Cloud Computing based systems implementation
Military, governmental agency or corporate/industry information security experience.
Experience with disaster recovery planning and testing, auditing, risk analysis, business resumption planning, and contingency planning.
SIP telephony experience.
Experience or knowledge of network protocols.
At least 3 years of experience in information security.
Bachelor’s degree in Computer Science, Information Systems, or another related field.
Please note: This client is not accepting candidates submitted by other staffing firms or agencies at this time. Thank you.
Applicants for this opportunity must have an unrestricted right to work in the United States.
[Persons in H-l, L-l, and OPT EAD status do not have unrestricted right to work.]
For immediate response please forward resumes to [email protected]
For a list of our current openings please visit Valintry's Jobs Webpage