Information Security Specialist
The Information Security Specialist for the Cyber Security & Operations function is responsible for providing continuous threat monitoring and incident response services. This individual is responsible for monitoring, developing, and maintaining the tools, technologies, and processes that enable the organization to detect and prevent computer security threats. The Information Security Specialist acts as a subject matter expert and works with cross-functional teams as required to perform incident investigations and response activities. This individual participates in the Information Security Operations Center, which provides timely investigation and response to potential IT incidents through the continuous monitoring and tracking of security events.
Duties and Responsibilities:
- Responsible for evaluating, designing, deploying, maintaining and auditing security infrastructure including next generation firewall, monitoring solutions, correlation tools, and identity and access control systems in a highly controlled environment
- Troubleshoot and resolve critical network issues
- Provide guidance and expertise for proposed network security architecture projects
- Develop working relationships with cross-functional teams from Information Technology, Physical Security, Human Resources, Marketing, Privacy, Legal, and third-party vendors to effectively respond to security incidents.
- Contribute to the advancement of the security monitoring program through thought leadership and guidance on tools, technologies, and processes that provide automated and proactive detection and prevention.
- Develop and improve process/procedure manuals and related documentation.
- Propose and generate metrics with emphasis on Security Operations Center (SOC) Key Performance Indicators (KPI).
- Other duties, as assigned
- Bachelor’s degree or equivalent combination of education and/or experience.
- Minimum of 5 years’ experience in an Information Security role with at least 2 years in a security operations center, incident response, or threat analysis role.
- Relevant knowledge and experience in two or more of the following areas: incident response, threat analysis, malware response, security operations, Network Security/next generation firewall, proxy configuration and management
- Demonstrated experience in threat detection technologies including two or more of the following: network or host intrusion prevention/detection systems (IPS/IDS), Endpoint Protection, Security Incident Event Management (SIEM), data loss prevention (DLP)
- Demonstrated ability to analyze security events, perform initial triage, and determine appropriate next steps
- Demonstrated experience in security projects development, security vendor or services management, and request for proposal processes and procedures
- Certified Information Systems Security Professional (CISSP) or equivalent is preferred
- One or more of the following technical certifications is preferred: GIAC Certified Incident Handler (GCIH), GIAC Certified Forensics Analyst (GCFA), GIAC Reverse Engineering Malware (GREM), or EC-Council Certified Security Analyst
Other Skills and Abilities:
- Strong organizational skills
- Strong attention to detail
- Good judgment
- Strong interpersonal communication skills
- Strong analytical and problem-solving skills
- Able to work harmoniously and effectively with others
- Able to preserve confidentiality and exercise discretion
- Able to work under pressure
- Able to manage multiple projects with competing deadlines and priorities