3250 Wilshire Blvd. Suite 401
Job Category: Security
Job Number: 19706
Essential Job Duties/Responsibilities:
- Serve as the subject matter expert (SME) for technical security: solutions, controls and architecture
- Provide day-to-day administration and technical support for IT security systems
- Provide technical security administrative duties for infrastructure related to firewalls, encryption, intrusion detection systems, vulnerability scanning, security monitoring tools, authentication, web filtering, identity management, access control systems, and their associated logs and processes
- Provision and audit access controls on information systems containing sensitive data
- Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution
- Perform risk and vulnerability assessments, followed by appropriate remedial action, to mitigate risk and ensure that systems are protected from known and potential threats and are free from known vulnerabilities
- Contribute to IT risk identification, classification and response processes
- Security incident response duties as a member of the Cyber Security Incident Response Team (CSIRT); Respond to critical security issues on a 24x7 on-call basis.
- Perform technical security project implementations and meet project deadlines
- Actively contribute to inter-departmental and cross-functional teams for the protection of information assets
- Research and stay up-to-date on current security threats and vulnerabilities to relevant information systems
- Advanced knowledge of Windows Server administration; experience as an Active Directory domain administrator.
- Strong written and oral communication skills. Ability to communicate both high level proposals to upper management as well as detailed technical requirements to developers or administrators.
- Familiarity with security best practices and leading enterprise-class tools/solutions for anti-virus, anti-spam, secure email, web filtering, log consolidation, etc.
- Experience with firewall rulesets, especially Check Point. Experience with Cisco network equipment a plus.
- Knowledge of security frameworks and compliance standards (e.g. GLBA, PCI) desired.
- Experience with written (self-assessment questionnaire) and in-person security audits and assessments desired.
- Experience with Linux a plus.
- Bachelor’ s degree required, preferably in Computer Science or a related field
- At least three years of in-depth experience in one or more information security domains. Experience administering security technologies and/or programs. Working knowledge of regulatory requirements and security best practices. Working knowledge of vulnerability assessment tools.