As a member of the IT Security team, contributes to the development of a comprehensive information security program. Responsible for implementing and operating information security capabilities and for documenting security policies, processes and standards. Reporting to the Information Security Manager, this position is responsible for cyber incident response and for providing operational support to security systems and tools for boundary, network, email, and endpoint security / monitoring.
- Serves as a subject matter expert on cyber response activities
- Provides second and third-level support and analysis during and after a security incident.
- Monitors reports and security logs for unusual events.
- Works closely with and provides guidance/direction to the Managed Security Service and Security Operations Center.
- Provides operational support for Security Operations technologies/capabilities to include: DLP, IDS/IPS, Firewall configuration, Endpoint protection, Email security, Vulnerability scanning
- Develops security policies and procedures.
- Participates in security investigations and compliance reviews, as assigned by management.
- Assists in the development and deployment of information security awareness, training, and communication capabilities.
- Responsible for operating, maintaining and supporting various security tools as assigned by management.
- Collaborates with other security and infrastructure team members to identify and implement solutions.
- Works with business partners in resolving security-related infrastructure outages. Must possess expert troubleshooting skills.
- Subject Matter Expert in security operations functions (endpoint protection, firewalls, intrusion protection, data loss prevention, cyber incident response)
- Must come from an enterprise environment
- 3 or more years of experience in Cyber Security and/or Security Operations.
- Understanding of cybersecurity frameworks including but not limited to NIST CF, HITRUST CSF, ISO 27001.
- Understanding of general security concepts including but not limited to cryptography, DLP, Security Operations Center, Security Managed Services, SEM, FW, Audit, Cloud Security, Mobile Security.
- BA in Computer Science or related field is required or equivalent acquired through combination of education and experience.