Open Jobs

Description:

• Daily management of operational information security in a 24×7 live production environment.
• Assist in providing support for the design, deployment and use of security related reporting tools and management systems.
• Assist with information security risk assessments and reports to identify, assess, measure, and monitor information security risks.
• Liaise with internal employees throughout the organization (Engineering, HR, Management and Support) and external costumers as necessary, on information security matters such as emerging security risks and control technologies.
• Enforce and adapt information security policies, standards, procedures and guidelines, in partnerships with the business.
• Supporting the incident response, investigation and architecture review processes.
• Assist, support and maintain the vulnerability management process.
• Assist with handling the security questionnaire process.
• Assist with infrastructure framework, perimeter and internal security improvement projects.
• Independently or as part of a team, analyze business, technical and functional requirements and develop work tasks and complex project plans to meet project objectives.
• Successfully lead small to midsize projects utilizing external resources and service providers.
• Effectively communicate with business and IT leadership to insure project success.
• Define and implement processes and technical solutions to enhance automated monitoring and management.
• Support the development and deployment of information security processes.
• Participate in on-call and off-hours support activities which are typical for the role and industry.
• Support the development, documentation and delivery of training and user guidance to ensure consistent and effective implementation of information security objectives.
• Receives functional guidance directly from Information Security Manager and supplemental guidance from other team members on general business objectives.
• Will be self-directing and act as project leader on small to large projects; nurture effective working relationships; will coordinate with internal and external resources in performing the duties of this position.
• Assist with ISO 27001 and NIST certifications – domestic and international.
• Assist with Client Due Diligence as requested.

 Essential Skills

• Knowledge of information security industry standards and frameworks (e.g. PCI DSS, NIST, ISO 27001) desirable.
• Knowledge of operational security areas preferred.
• Deep understanding of process and information technology related controls.
• Familiarity with industry standard tools and applications including Nessus, Palo Alto, Kaspersky, Varonis, etc.
• Excellent oral and written communication skills.
• Excellent analytical, research, and problem solving skills with a keen attention to detail.
• Strong project management, communication and organizational skills.
• Ability to work on multiple projects, with strong ability to adapt to dynamic work environment and to prioritize tasks accordingly.
• Proficiency in Microsoft Office suite, including PowerPoint, Excel, Visio, Word.

Qualifications

• Bachelor’s Degree in Business, Computer Science or equivalent experience, or equivalent Military background in relevant disciplines required.
• Minimum of 2 years Information Security experience or equivalent experience in Information Risk Management.
• CISSP, CISM, CRISC, CISA, or similar industry certification(s) preferred.
• Must possess a solid understanding of Information Technology, Information Security, and Risk Management.
• Self-motivated, able to work independently and as part of a team.
• Experience with technical and policy writing.
• Strong experience with internet and network security products and platforms, including intrusion detection/prevention, incident response and investigation, vulnerability management, data loss prevention and penetration testing.
• Experience in risk assessment methodology is required.
• Experience with Change Management Processes.
• Policy development and implementation experience.
• Experience in policy and compliance auditing is preferred.