Position is responsible for operational maintenance of the Cybersecurity vulnerability management program, analysis and implementation of security tools and measures, and the hardening of server, client, and network equipment.
Essential Functions:
- Manage vulnerability management platform and work with the infrastructure and service desk teams to implement remediations on an ongoing basis
- Manage log aggregation and monitoring platform (SIEM) and respond to incident alerts
- Respond to user-reported phishing attempts using service ticketing platform
- Manage and enforce user security awareness program – design and publish quarterly test phishing campaigns
- Research new threats and attack vectors and implement countermeasures and controls to adjust the security posture
- Create and enforce Windows and Linux server hardening standards
- Conduct configuration and system audits for adherence to best practices and compliance with security standards
- Coordinate penetration testing to find exploitable weaknesses
- Lead incident response, including steps to minimize the impact and then facilitate a technical and forensic investigation of the breach
- Respond to outside audit questionnaires
- Monitor networks and systems for security breaches, using intrusion detection software
- Produce periodic security reporting to management, including vulnerability status, configuration gaps, etc.
- Manage endpoint protection software and advise on selection of alternative vendors
- Manage Internal Certificate Authority and external certificates
Non-Essential Functions:
- Ability to produce executive reporting to illustrate security posture and areas for improvement
- Ability to communicate and present ideas and recommendations effectively to IT management
- Ability to translate technical information into a manner that end users can understand
Education/Experience Requirements:
- Bachelor’s Degree in a technical field preferred
- Minimum 6 years of security analyst/administration experience
- Understanding of OWASP Top 10 security threats
- Understanding of SOC 2 Type 2 compliance
- Understanding of NIST compliance
- Experience with cloud infrastructure security needs in O365 and AWS
- Experience with network and web application monitoring tools is preferred
Knowledge, Skills & Abilities:
- Expert knowledge of information security principles and practices
- Experience with Vulnerability Management Platforms (Rapid7, Qualys, Tenable, etc.)
- Experience with Patch Management platforms (SCCM, Ivanti, etc.)
- Experience with email security platforms (Proofpoint, Mimecast, etc.)
- Experience with incident management
- Expert knowledge of security architectures
- Expert knowledge of Microsoft Server systems, technologies and servers
- Experience with VMware
- Expert knowledge of Active Directory
- Expert knowledge of network fundamentals (IP, gateway, DNS, routing)
- Understanding of cloud environments: Azure, AWS, SalesForce.com, Office365