Serves as the subject matter expert supporting multiple disciplines of information security including security architecture, standards, solutions design and implementation; handles development of standards/procedures in compliance with policies, state and federal regulation, and security best practices; manages the secure operation of the company’s computer systems, firewalls, servers, and network connections; provides security solutions to internal customer and constituents; partners with project teams to ensure that security is designed in to all technology initiatives; recognizes areas of improvement within the environment, and balances those initiatives with organizational goals.
takes a lead role in mapping security standards to technical solutions in support of business needs.
Works with project teams, architects, and constituents to design and implement security solutions in support of corporate information security policy, regulatory requirements, and security best practices.
Works as part of the development team to maintain the security and regulatory compliance of systems architected, built, installed and used by the company.
Researches, analyzes, and recommends the implementation of software or hardware changes to rectify any infrastructure security deficiencies or to enhance security performance.
Conducts research on emerging products, services, protocols, and standards in support of security enhancement and development efforts; tests new security software and/or technologies.
Provides ongoing engineering support for security systems including firewalls, virus protection
systems, Web filters, computer forensic systems and network, and host-based intrusion detection and prevention systems
Creates audits, and reports the enforcement of policies, procedures and associated plans for system security administration, and user-system access as defined by company standards.
Contributes to the design and implementation of the disaster recovery plans for security of the company’s computer systems, databases, networks, servers, and software applications
Develops technical security standards in support of information security policies and principles
Ensures that planned testing activities are performed and technical criteria are met
Plans and monitors the installation of distributed infrastructure systems
Performs other related duties as required.
- Education & Experience
- Bachelor's Degree in Information Security, Computer Science, Information Systems or a related field, and Six to eight years experience in information security, engineering or professional related work experience, or an equivalent combination of education and experience.
- Advanced knowledge of multiple security technologies (firewalls, IPS, DLP, antimalware, proxies, WAF, etc.) required.
- CISSP or other information security related certifications within a given field are preferred (i.e., Microsoft Windows, Cisco, TCP/IP, etc.) preferred
- Job Knowledge & Skills
- Networks (TCP/IP)
- Schematic Architecture Design
- Data Access and User Administration
- Data Security
- Development Requirements Definition
- Network Security
- Security Risk Management
- Server Hardware + O/S Management
- Systems Security and User Administration
- Systems Security Maintenance
- Systems Security Policies and Procedures
- Systems Security Testing and Auditing
- Information Security Technology