Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Jobs InfoSec Jobs

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Information Security Administrator
Company New Visions For Public Schools
Location New York City
Preferred GIAC Certifications GSEC
Travel 0%
Salary Not provided
URL https://www.newvisions.org/pages/Central-Office-Careers?gh_jid=2045086
Contact Name New Visions For Public Schools - Central Office NYC
Contact Email noreply/at/newvisions.org
Expires 2020-03-21

Job Description

Overview
New Visions for Public Schools (NVPS) is a charter management organization and service provider based in New York City. We design, create and sustain great schools for New York City's highest need students. With over 30 years of experience improving education outcomes, the organization has set its sight in growing its capacity as an education technology provider.

The Systems, Data, and Applied Research (sysDaar) department plays a crucial role in this expansion. As an Information Security Administrator you will work within the Infrastructure and Security unit of sysDaar to help drive the organization's information security efforts.

We are seeking a candidate that is eager to join a mission-driven organization and possesses a strong mix of technical knowledge, professional experience, and work ethic to meet the demands of this role.

=== Why work with us ===

Critical Infrastructure
You will work on mission critical infrastructure for the organization and become a key contributor to our operations, your work will have high visibility and will impact our daily operations

Cloud Native
You get hands-on administrative responsibilities in a cloud-native team, learning and growing capabilities of our AWS, GCP, G Suite, and other Saas platforms

Container and Serverless Friendly
You will get to push forward our adoption of container and serverless technologies by interfacing with existing deployments and designing your own

Developer Mindset
You will get to deepen your love for code by contributing to our code repositories and maintaining your own body of work, refining and growing your automation skills

Constant collaboration
While your primary contacts will be other members of the Infrastructure and Security unit, you will also have the opportunity to broaden the impact of your work by forging relationships with other units in the departments such as Data, Engineering, Product, QA, and Design

Continuous Learning
You will get access to a library of digital subscriptions allowing you to take advantage of best-in-class online learning platforms, hone your existing skills, and pick up new ones as new challenges emerge

Flexible work environment
You will benefit from our generous work from home policy, ensuring work-life balance is always within reach

=== What we need from you ===

Deeply curious
You enjoy learning new things and have spent many hours teaching yourself a new skill

Posses a solid foundation
You have a firm understanding of operating systems, networking, and access management

Self directed
You work well with limited direction and enjoy owning projects through completion

Keep cool under pressure
You are able to maintain focus and calm necessary to deal with time sensitive events

Comfortable with data
If given a data set, you are able to interrogate it and generate summary analysis

=== Role Responsibilities ===

Monitoring

Identify and collect critical metrics to be used in security reporting
Manage log aggregation, parsing, and alerting for all systems and networks
Analyze log data and provide frequent reports
Own initial phases of Incident Response such as triaging and escalation of alerts
Identity and Access Management
Oversee account creation, suspension, and execution of secrets rotation schedules
Create, audit, and maintain access policies across AWS, databases, and other Saas platforms

System Administration

Implement secure configurations for EC2 instances and container images
Design and execute a patch management strategy for EC2 instances and containers
Oversee continuous vulnerability scans and remediation
Develop and document systems administration standard operating procedures

Network Administration

Audit existing and implement new network designs on AWS
Design and maintain firewall rules and access policies for cloud environment

Data Retention and Destruction

Maintain system that audits files across cloud environments
Purge files that have reached the end of its retention lifecycle

Risk and Compliance

Create and maintain security policies, guidelines, and procedures
Execute user awareness training sessions during staff onboarding
Oversee offboarding tasks such as account rotations and documentation
Maintain asset database of all services used and their security configurations
Audit current systems to ensure compliance with internal policies such as data classification and retention
Oversee creation, storage, testing, and use of backups for systems and data
Assist with ensuring organization is compliant with NIST Cybersecurity Framework and other applicable federal, state, and city regulations

=== Specifications ===

Required

Undergraduate or graduate study in a related field or any equivalent combination of experience, education, and/or training
2+ years of professional work experience in IT, Software Development, or Information Security
Experience with programming languages and the command line
Experience with systems administration of Linux servers, preferably Ubuntu distribution
Experience running production systems that meet compliance with privacy mandates
Experience with Identity and Access Management (IAM) functions such as maintenance of accounts, roles, policies, and permissions
Knowledge of network and operating system hardening techniques
Knowledge of security architecture concepts including network topology and communication protocols

Preferred

One or more certifications in the IT or Information Security field
Experience with using Python to automate workflows on AWS
Experience with owning a development workflow (IDEs, Git, APIs, etc)
Experience managing servers on cloud environments, preferably AWS
Experience enforcing data classification, retention, and backup policies
Experience with vulnerability identification and remediation
Experience with implementing NIST Cyber Security Framework
Experience supporting Incidence Response efforts for security events
Equal Opportunity

New Visions for Public Schools is an equal opportunity employer. It is the policy of New Visions that all employees and applicants for employment will be treated in all respects on the basis of their merit and qualifications and without regards to their race, color, national origin, age, disability, sexual orientation, religion, gender, military status, marital status, ancestry, or any other reason prohibited by law.

New Visions believes that our teams should reflect the diverse communities we serve and that our culture and internal structures should be inclusive and equitable for all employees. We also recognize that perspectives from communities that have been historically marginalized are critical to the work we do. Hence, we strongly encourage applications from individuals living in the communities that we serve or who are members of historically marginalized communities.

New Visions provides a comprehensive and competitive compensation and benefits package in addition to the opportunity to make a significant impact on education reform and in the lives of urban youth.