Cycle3 IT Staffing is seeking an Information Security Specialist for a full time permanent opportunity.
This position will work with the Information Security team to ensure confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, implementation, maintenance, and enhancement of information systems security procedures and tools. This will be accomplished by performing day-to-day monitoring, management and maintenance of established security controls and systems designed to reduce risk. It will be necessary to implement appropriate levels of security to protect the assets of the corporation while providing proper access and support needed to reach organizational objectives. There will be an ongoing focus for implementing enhancements in Operations/ICS Security.
Provide first and second tier support to resolve all Information Security-related issues on a 24/7 basis.
Responsible for support, management and troubleshooting of all remote access VPN users, the VPN server, gateway antivirus, site-to-site VPNs, URL filtering, proxy server, network security monitoring, intrusion detection/prevention, 2-factor authentication, all enterprise firewalls, and laptop and wireless security solutions.
Perform risk assessments on the ICS/SCADA networks, business networks, and system changes. Identify, analyze and mitigate potential security risks, vulnerabilities and possible threats that may arise in the assessments, and then apply safeguards (technical and administrative) to reduce risk. Perform network security assessments for evidence of vulnerability or compromise, assisting and coordinating remediation, track resolution, and prepare reports. Development and execution on security strategies in the Perimeter & Network Security domain, and to provide direction and focus of security efforts. Development of re-usable “solution patterns” in the domain to promote consistency in solutions. Research, evaluate, recommend and implement new security technologies and solutions to continuously improve the overall security posture. Development and execution of disaster recovery plans, processes and procedures for the Information Security area. Responsible for ensuring vital Information Security resources are backed up and recoverable.
Compile and analyze all security logs, alert tools, and other data collection mechanisms for troubleshooting and identifying anomalies. Create and analyze technical security metrics reports. Provide summary of analysis of trends and potential risks to management for review. Work with vendors to solve issues pertaining to products (hardware and software). Interface with vendors to identify need for best of breed technologies suited for strengthening the organization’s security posture.
MINIMUM REQUIRED SKILLS, EDUCATION AND EXPERIENCE:
· Bachelor’s degree with emphasis in Computer Science, math, engineering or business; or equivalent experience and training.
· 3 years’ experience in Information Security (including implementation and administration of enterprise firewalls, Intrusion Prevention Systems, Proxy servers, VPN solutions, encryption, Security Incident and Event Management (SIEM) and URL filtering).
· 3 years’ experience with Computer Networking.
· Understanding of advanced security and communication standards. Solid knowledge of information security technologies, principles, regulatory requirements and practices will be a requisite for this position.
· Experience interfacing with third party VARs in the Information Security area.
· Strong experience with vulnerability management and alerting.
· Knowledge of security incident investigation and reporting.
· Understanding of hardware/software security architecture implementation.
· Excellent customer service, interpersonal, and team skills.
· Ability to communicate effectively in written and oral communications including technical aspects of Information Security.
· Strong analytical and problem-solving skills.
· Strong operational and technical experience with Windows and Linux Systems.
· Experience with Business Continuity Planning/Disaster Recovery.
· Ability to travel up to 20% of the time.
PREFERRED EDUCATION & EXPERIENCE:
· 5+ years’ technical experience with Information Security technologies (hardware, and/or software).
· Some knowledge and experience of Operations Security (SCADA, ICS).
· Experience using Service Desk management software.
· Experience with software and security architecture.
· Ability to assess potential items of risk and recommend solutions to remediate.
· Experience working with enterprise wireless networks.
· InfoSec Certification (CISSP, GIAC).
· Windows/Linux servers and desktops – operational/technical.
· VPN and encryption technologies.
· Firewalls and various other security technologies/appliances
POSITION WILL REPORT TO: Manager, Information Security
To apply for this job email your details to firstname.lastname@example.org