|Preferred GIAC Certifications||GWAPT, GCIH, GCIA|
|Contact Name||Rick Grinnell|
What You Will Be Doing:
•Leads the analysis, design and programming activity for implementation of Information Security Infrastructure solutions.
•Develops, maintains, supports and optimizes information security infrastructure for key functional areas including, but not limited to, network infrastructure, server infrastructure, data communications, and telecommunications systems.
•Collaborates with customers, subject matter experts, architects, development team, implementation support and production support staff to define technical specifications, solution scope and objectives.
•Identifies and evaluates complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
•Supports the architect team in the design of Information Security Infrastructure solutions through client requirements specification, solution design and product selection.
•Creates and maintains relevant security policies, processes, and procedures.
•Continuous monitoring/review and reporting of security posture and improvement recommendations
Level of Education and Discipline:
•A Bachelor's degree (BA, BS) or equivalent education, training or experience in Computer Science, Engineering, or related technical field. Master Degree preferred.
Amount of Experience:
•Equivalent years of education and training, plus two (2) or more years related experience.
•DoD8570 IAT Level3 baseline or equivalent professional certifications required (ie CISSP or CISA)
•Network certifications (CCNP) and Giac GWAPT, GCIH, GCIA or equivalent certifications desired.
Type of Experience:
•Experience in an Information Security corporate environment with Information Security Infrastructure.
•Experience with network infrastructure, system administration, network and application security concepts.
•Various types of testing (i.e., unit/functional testing, system integration testing, user acceptance testing, performance testing, vulnerability testing, etc.).
•Proven expertise in least privilege access and defense in depth principles.
•Experience administering and troubleshooting UNIX/Linux and Windows Operating Systems.
•Solid knowledge and experience in IT Architecture, Firewalls, Intrusion Detection/Prevention Systems (IDS/IPS), Web Application Firewalls (WAF), load balancers, web content filtering, next generation and network based anti-malware detection and threat prevention solutions, security incident and event management (SIEM) solutions, threat hunting, incident response, and data loss prevention (DLP) solutions.
•Prior experience with regulatory oversight (ie NERC/CIP) desired.
Additional Skills and Abilities
•Must be able to work effectively in a team environment as facilitator and team member.
•Excellent analytical, verbal and written communication and documentation skills required, with a demonstrated attention to detail.
•Excellent planning and organizational skills.
•Ability to use deductive reasoning and analytical thinking with sound judgment and decision-making skills.
•Strong interpersonal and conflict resolution skills are also essential.
•Must be self-starting and willing and able to work independently in a dynamic corporate organization under pressure of tight deadlines and aggressive expectations.
•Self-motivated, problem solving skills and the ability to influence others without direct authority.