Vacancy expired!
- Design, develop, test, integrate, implement and document information security solutions for all OSI model layers such as (but not limited to) proxies, remote access, firewalls/gateways and intrusion detection/prevention systems of moderate to high complexity.
- Apply security policies to meet security objectives of the system.
- Analyze current cybersecurity features, integrate new security features into existing infrastructures, and help to resolve integration and testing issues.
- Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation.
- Serve as a security technical lead on enterprise IT projects through the creation and implementation of detailed designs, as well as a security liaison while working with other security experts to identify and remediate security concerns during project implementation.
- Properly document all systems security implementation plans, operations, and maintenance activities and update as necessary.
- Subject Matter Expert on all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
- Support complex operational tasks that are assigned as part of project implementation.
- Assess adequate access controls based on principles of least privilege and need-to-know.
- Perform detailed troubleshooting in support of system remediation efforts.
- Act as security representative for cross-functional troubleshooting teams to aggressively identify and correct enterprise issues.
- Mitigate/correct security deficiencies identified during security testing and/or recommend risk avoidance/acceptance for the appropriate senior leader.
- Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
- Apply security policies to meet security objectives of the system.
- Apply service-oriented security architecture principles to meet organization s confidentiality., integrity, and availability requirements.
- Ensure all systems security operations and maintenance activities are properly documented and updated as necessary.
- Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
- Implement specific cybersecurity countermeasures for systems and/or applications.
- Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
- Properly document all systems security implementation, operations, and maintenance activities and update as necessary.
- Assess the effectiveness of security controls.
- Assess all the configuration management (change configuration/release management) processes.
- Develop procedures and test fail-over for system operations transfer to an alternate site based on system availability requirements.
- Analyze and report system security posture trends.
- Assess adequate access controls based on principles of least privilege and need-to-know.
- Implement security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed.
- Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation.
- Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative.
- Verify minimum security requirements are in place for all applications.
- Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
- Work with stakeholders to resolve computer security incidents and vulnerability compliance.
- Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans.
- Bachelor s Degree
- 3+ relevant work experience.
- Must possess a strong understanding of TCP/IP networking principles and secure coding practices.
- Must be able to obtain a security clearance.
- Must be able to independently own, lead and drive security projects to completion.
- Must be a team player willing to engage and work with other team members.
- Must be able to professionally frame risk management decisions, and work with leadership to determine best course of action for securely moving the business forward.
- Must be able to professionally communicate security concerns and positions to non-security and/or non-technical audience.
- Must have experience with Windows and Unix-based operating systems.
- Security certifications (e.g. Security+, GCIA, GCIH, CISSP, CEH, GIAC, AWS Cloud Architect/Security, or Microsoft 365/Azure Security)
Vacancy expired!