Information Security Operations Lead
$130-150K % Bonus
The role of the IS Security Operations Lead Engineer is the most senior role within the team, and leads the security team that safeguards the confidentiality, integrity and availability of the enterprise infrastructure and information assets across Company. The scope of the position involves proactively identifying, recommending, implementing, maintaining and configuring key security technologies and initiatives. Specific initiatives included are the maintenance and configuration of key security tools such as Web Application Firewalls, WIPS, DLP, File Integrity monitors, Firewall Rule Auditors, Forensics Tools, Vulnerability Scanning Tools, Key Encryption as well as other security devices and operations.
The Security Operations team is responsible for management of all Security tools, executing the Security Incident Response process for any alerts or events found within their tools set or from additional sources as well as identifying and scoring risk related to the Enterprise. The Security Engineer is expected to maintain professional working relationships at all times. Contacts will include key corporate stakeholders, the Information Risk Security Team, Network National Operations Security Engineering, associated working groups, and external contacts within the information security industry. The individual is expected to meet objectives with integrity and efficiency.
Essential Duties and Key Responsibilities:
Proactively identifies gaps, makes plans, implements, updates, maintains, manages, monitors, and supports enterprise Security Tools.
Leads change control and device configuration management activities on all security technologies
Identifies the need for and provides management level reporting of all critical intrusion or vulnerability detection tools.
Invokes the security incident response process including security response team activities as well as providing and implementing tactical risk mitigation to incidents
Actively protects the availability, confidentiality, and integrity of customer, employee, and business information
Helps to lead in the Risk Assessment Program including identifying and scoring risk.
Provides vulnerability and threat management monitoring and mitigation response
Helps to lead in tactical and operational planning of vulnerability assessment activities
Contributes to Enterprise security team effectiveness by accomplishing additional security related results as needed
Mentors Senior and Lead Security Engineers in the review, development, testing and implementation of security plans, products and control techniques
Helps to lead the execution of EIS projects and initiatives
Participates in operations and tactical planning
Can act as a backup for the Security Operations manager in non-HR related scenarios
Manage individual workload to deliver to agree upon project milestones
Influence result driven tasks within the IS Security Team to complete successfully on time and on budget
Proactively promote consistent project-based performance measurement and skill development of junior staff
Model behaviors that demonstrate commitment to corporate values
College degree in related technical/business areas or equivalent work experience required.
10 - 12 years relevant work experience preferred.
Solid understanding of technology, operations and key business processes.
Member of SANS or other leading security organizations preferred.
Proven change management skills.
Highly flexible and able to adapt to change.
At least two (2) of the following Industry certificates CEH, CISSP, or OCSP required.
Influencing and negotiation skills.
Solid understanding of UNIX/Linux operating systems.
Solid Understanding of the common Unix and Windows utilities, diagnostic and monitoring tools.
Scripting experience with Perl, Shell and/or Java.
Strong verbal and written communication skills.
Strong organizational and interpersonal skills.
Strong team player with proven collaboration skills.
Strong critical thinking and problem solving skills.
Proven change agent who consistently delivers results.
Solid understanding of network protocols, LAN, WAN, SSL, Firewall, Load Balancer, and DMZ configurations.
Understanding of the PCI (Payment Card Industry) data security standard and other regulatory concerns (SOX, FCRA, FISMA, etc.).
Relevant Technical Skills
Information Risk Management: Content filtering technologies, application Firewalls, vulnerability scanners, LDAP, SAML, forensics software, and security incident response.
O/S: Linux (Red Hat, SUSE), Windows Desktop (XP, Win7, and Win10) and Server (2000, 2003, 2008, and 2012), and UNIX (HP/UX, AIX, etc...).
Network: Firewall and Switching technologies (Cisco ASA, Juniper SRX, Checkpoint, etc...) OSI Model, VPN, IDS/IPS, Proxy/Reverse Proxy, WAF, Two Factor Authentication, RADIUS, Netflow, Anti-SPAM, and Vulnerability Scanning/Reporting (Qualys, Rapid7, Nessus, NMAP, etc. ).
Software Languages: Perl, PowerShell, Python, and SQL.
End Point: Anti Malware, HIPS, Client based Firewall, Whitelisting/Blacklisting technologies, GPO, WMI, and BASH.
Employment Type: Permanent
Work Hours: Full Time
Pay: $130,000 to $150,000 USD
Pay Period: Annual
Other Pay Info: Bonus
Click here to apply
Please mention that you saw the job on Telecom Market Intelligence