Maintain security by monitoring and ensuring the coverage and effectiveness of all security controls, and ensure compliance with documented standards, policies, and procedures.
Design, configure, and implement processes to alert on potential issues that impact operations not working as designed or intended.
Develop and implement detection use cases to detect potential security risks and assist with incident response activities, as required.
Identify and address security gaps discovered through ongoing monitoring of all information security controls and implement enhancements to security controls.
Ensure that all Information Security capabilities and functions are operating as designed and intended.
Support the management of security infrastructure, including, but not limited to, proxies, IDS/IPS, SIEM, endpoint security solutions, etc.
Proactively and collaboratively work with key stakeholders to develop, implement, and document procedures that meet defined policies and standards for information security management.
Provide subject matter expertise to executive management on a broad range of information security best practices and offer strategic and tactical security guidance including the evaluation and implementation of technical security controls.
Ensure that technology investments are fully leveraged in accordance with the organization’s information security goals.
Actively participate in proof-of-concepts for new security technologies by developing selection criteria to identify appropriate security solutions to support strategic operational needs and security requirements.
Bachelor of Science in Computer Science or a related field. An equivalent combination of education and experience may be substituted for the degree requirement.
At least five years of experience in information security or information technology.
At least two years of experience in security-related technologies (e.g. antivirus, IDS/IPS, firewalls, SIEM, FIM, database monitoring, etc.). Hands-on experience with multiple security tools and technologies that cover a breadth of security disciplines.
At least two years of experience as a Linux or Windows administrator and/or network administrator.
At least two years of experience in one or more scripting languages (e.g. Perl, Ruby, Python, etc.) with the ability to write complex scripts.
Experience in securing and developing security policies for cloud-based infrastructure (e.g. Azure, AWS, etc.).
Technical proficiency in regular expressions.
Experience in designing and building enterprise monitoring capabilities.
Hands-on experience in designing, implementing, and operationalizing output from various security technologies to make the information actionable for internal customers.
Hands-on experience in integration of disparate tools. Technical proficiency in API calls to enable integration.
Familiarity with generally accepted information security governance frameworks (e.g. PCI DSS, ISO 27001, etc.).
Demonstrated ability to troubleshoot issues in a complex technology environment.
Strong problem-solving skills.
Excellent communication (both oral and written), organizational, and customer service skills. Ability to interface with all levels within the organization, vendors, customers, prospective clients, auditors, etc.
Capable and self-motivated to quickly learn new technologies (scripting languages, technology frameworks, etc.).