Position Requirements

• Bachelor’s or advanced degree in Computer Science, Engineering, or equivalent in related field experience
• 5 years plus hands-on technology experience with focus on Information Security
• 10+ years of experience in Windows-centric applications and technologies, including:
• Scripting, OS management tools, and ad-hoc reporting
• Core OS security
• Active Directory
• Certificates and cryptography
• SMTP and SIP messaging
• HTTP applications
• Relational databases
• Experience in security policy development, vulnerability assessment, and compliance testing
• Hands-on experience with Firewall, IDS/IPS, SIEM, Authentication, and web filtering solutions
• Industry certifications: CISSP, GIAC, CISA, SANS GCFA, GCED, GMON, and Splunk certifications are a plus

Qualifications & Skills

• Ability to react quickly, decisively, and deliberately in high-stress, high-impact situations
• Strong decision-making capabilities, weighing the relative costs and benefits of potential actions
• An ability to collaborate with others to understand and influence their opinions, plans, or behaviors
• An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
• An understanding of organizational mission, values, and goals and consistent application of this knowledge
• Self-directed knowledge gathering from a combination of public and internal sources – able to answer questions that haven’t been asked before
• Solid understanding of IP networking fundamentals, including LAN/WAN design theory including static and dynamic routing protocols, NAT, ACLs, etc.
• Solid understanding of information security principles and best practices, particularly NIST
• Hands-on configuration capabilities with Cisco, Fortinet, AWS, and Azure systems
• Hands-on configuration and knowledge of design and implementation concepts of firewall, VPN, IDS, and other security technologies
• Microsoft Server and Desktop Operating Systems, Active Directory, Exchange, Office 365
• Working knowledge of LINUX
• Ability to work independently as well as interactively with other team members
• Monitor and advise information security issues related to systems and workflow to ensure internal security controls are appropriate and operating as intended
• Prepare responses, or assist with responses, to client RFP’s, and information security assessments

• Coordinates resolution of security vulnerabilities
• Assist with user security awareness
• Assist with vulnerability testing, compliance audits, and security assessments
• Participate in resolution of security incidents
• Conduct project management and team leadership, time and budget management
• Interact directly and effectively with clients
• Possess excellent verbal and written communication and interpersonal skills
• Demonstrate command of the NIST Cybersecurity Framework