Responsibilities Daily Responsibility:
* Lead network security design effort with many internal business owners.
* Interface with internal teams, customers, and partners.
* Collaborate with cross-functional teams and business unit leadership in developing project objectives and timelines.
* Get involved at many security applications Symantec offers to enterprise and consumer market
* Define project and release scope.
* Work with the team on detailed technical design.
* Drive detailed definition of feature requirements through discussions with product managers and customers.
Develop plans for security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
* Support security aspects of business initiatives by assisting in architecture, design, implementation, deployment, and operational transition of innovative & secure technology solutions.
* Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks.
* Research, evaluate, design, test, recommend and plan the implementation of new or updated information security technologies.
* Establish collaborative working relationships with the businesses, functions and regions to ensure that IT solutions align with security architecture and business strategy.
* Define security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, and network security appliances.
* Enhance security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
* Provides second- and third-level support and analysis during and after security incidents.
* Research and assess new threats and security alerts and recommend remedial actions.
* Support security governance, security requirements analysis, incident response, audit facilitation & remediation, and development of Security & Risk Management policies, procedures.
Qualifications Desired Skills and Experience
5+ years' work experience in information security and/or related functions (such as Security Audit, Risk Management, or Security Architecture). During recent history, candidate must have demonstrated exceptional ability to assess, manage and communicate information security concepts and practices, with business stakeholders.
Specifically, we're looking for:
* Significant exposure or understanding of the following concepts, practices, and technologies: identity management, federated identity services, incident management, access control, end-point protection, network security and perimeter security, firewalls, IDS/IPS, SIEM, network design standards, desktop security tools, anti-malware solutions, application vulnerability testing, public key infrastructure.
* Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.
* Significant SoX and HIPPA experience in dealing with demonstrated through hands-on audit, remediation, and/or computer system validation. Excellent understanding of current Information Security & Architecture trends and their impact on business strategies including: key Information Security vendors and solutions, audit organizations and influential market research firms.
* Excellent communication and influencing skills with strong ability to balance differing stakeholder interests through sound analysis and persuasion.
* Strong people skills, collaborative ability to work with many internal teams
* Ability to formulate Security Architecture vision and translate vision into execution.
* Thorough understanding of Information Security frameworks and good practices (e.g. ISO, NIST), and proven ability to strike a balance between an academic and pragmatic approach.
* A college degree or relevant work experience is important for successful performance of this role. Candidate must have a Bachelor's degree in information systems, computer science or equivalent work experience. Information security qualifications such as CISSP preferred. Recent work experience in a "Big Four" focused in health care or a Fortune 100 health care/life science firm is a plus