Job Details
Experience Needed:
Career Level:
Education Level:
Salary:
Job Categories:
Skills And Tools:
Job Description
- Create new information security policies and procedures when needs arise.
- Maintain and update existing information security policies and procedures.
- Review the policy on an annual basis and assist management with the approval process.
- Act as a central coordinating department for implementation of the Information Security Policies.
- Create, maintain and distribute incident response and escalation procedures.
- Monitor and analyze security alerts and distribute information to appropriate information security, technical and business unit management personnel.
- Perform reviews at least quarterly to confirm personnel is following security policies and operational procedures.
- Control and monitor access to restricted areas and confidential data. Ensure appropriate physical controls are in a place where cardholder information is present.
- Perform penetration tests on computer systems, networks and applications
- Create new testing methods to identify vulnerabilities.
- Perform physical security assessments of systems, servers and other network devices to identify areas that require physical protection
- Pinpoint methods and entry points that attackers may use to exploit vulnerabilities or weaknesses
- Search for weaknesses in common software, web applications and proprietary systems
- Review and provide feedback for information security fixes
- Stay updated on the latest malware and security threats.
- Serves as an Information Security subject matter expert and participates in the development, implementation and maintenance of information security for the line of business (LOB).
Job Requirements
- Strong understanding of basic computer science: Algorithms, data structures, databases, operating systems, networks, and tool development (not production quality software, but tools that can help you do stuff).
- Strong understanding of IT operations: Help desk, Network Technologies, endpoint management and server management.
- Strong ability to communicate: write clearly and speak authoritatively to different kinds of audiences (business leaders and techies).
- Strong understanding of adversary Motivations
- Strong understanding of security operations concepts
- Knowledge about SIEM and DLP solutions.