Security Operations Senior Engineer

New Yesterday

Responsibilities:
- Develop and implement security policies, procedures, and guidelines to ensure the effectiveness of Security and Compliance operations.
- Evaluate security systems and identify opportunities for security automation and improvements on a continuous basis.
- Test and identify potential network and system security vulnerabilities.
- Develop and implement cost-effective security solutions to mitigate risks and enhance system security.
- Monitor and audit on-prem, cloud, and endpoint infrastructure with security tools.
- Perform risk assessments to identify any security issues that could lead to lost or stolen data and provide recommendations for mitigating identified risks.
- Develop and implement incident response plans and procedures.
- Monitor and analyze security alerts to identify and respond to potential security incidents.
- Support corporate patching initiatives.
- Prevent intrusions using current security hardware and software.
- Identify security breaches and take action to stop them and prevent them in the future.
- Implement the right software and hardware into current and future network environments.
- Deliver security awareness training and corporate security strategies.
- Complete customer due diligence and security assessments.
- Partner with DevOps on security matters and to remediate/prevent vulnerabilities.
- Lead security audits and assist investigations that involve Legal and/or Human Resources.

Experience Required:
- Bachelor's degree in computer science, information systems, or a related field is preferred.
- Deep working knowledge of network and security protocols (conversant with each layer of the OSI model)
- 10+ years of practical experience implementing and deploying security controls
- 5 years' experience in a system administrator role
- 7 years' experience in an information security role
- 3-5 years in network and systems engineering is a plus
- Intermediate proficiency with Microsoft desktop and server operating systems
- Intermediate proficiency with Linux server operating systems
- Working knowledge of at least one of these scripting languages: PowerShell, Python, Bash, VBScript
- Familiar with the following technologies (or derivatives):
  - Automation platforms like Ansible, Tower, Chef, Puppet
  - Splunk and SIEM technology
  - Carbon Black and endpoint security
  - Zscaler and host-based firewalls
  - ManageEngine or SCCM
  - Rapid7 InsightVM or Nessus vulnerability scanning
  - Network and application pentesting, to include proficiency with Kali Linux
- Understanding of identity management, VPN, SSO, MFA, and authentication standard methodologies
- Strong working knowledge of CIS Benchmarks and Framework
- Understanding of IS impacts of external industry and governmental regulations (such as SOX, PCI-DSS, HIPAA, FISMA, MARS-E, IRS Pub 1075, DISA STIGs, CMMC, etc.)
- Passionate about information security, with excellent analytical and problem-solving skills
- Excellent interpersonal and organizational skills as well as the ability to communicate effectively
- Strong understanding of security operations concepts: perimeter defense, BYOD management, data loss protection, risk assessment and security metrics
- Solid understanding of patch and vulnerability management
- Knowledge of firewalls, endpoint security, IDS/IPS concepts, and malicious code
- Understanding of and support for incident response, reporting, and root cause and risk analysis
- Must have the ability to multi-task, prioritize, and work independently or within a team environment
- Ability to develop solutions to a variety of complex problems, and reference established precedents and policies

Location:
Remote, Remote, US
