Overview
Skills
Job Details
Onsite Role-
The IT Security Specialist will be responsible for a number of functions associated with IT security from ensuring the security of software to selecting and/or constructing and deploying broader network security systems. The broader scope for IT Security position including:
Security Sciences - provides highly functional, available, trusted solutions that enable the ACS to prevent, detect, respond, and recover from cyber threats. To work with CISO to enhance the security program at ACS.
Threat Management: Threat Management leads, executes, and advises on threat prevention, detection, response, and recovery strategies. This is achieved through citywide Incident Response planning and engagement, the Security Operations Center (SOC), integrated Cyber Threat Intelligence, and Counter Threat Automation and orchestration.
Vulnerability Management: The threat Management program at ACS provides a risk-based understanding of their vulnerability posture through a process of continuously identifying, classifying, and proactively engaging agencies on remediation and mitigation.
Governance, Risk, Compliance. (GRC): To prioritize the implementation of cybersecurity services and capabilities to ensure compliance, reduce cybersecurity risk and improve their cybersecurity posture. Additionally, program managers/analysts are responsible for tracking and reporting on the ACS Information security program improving their cybersecurity posture and maturity. The current CISO infosec program involves Security Accreditation to maintain GRC at ACS, candidate will work in the team to help CISO with cyber SSA and Application Security.
The position of IT Security Specialist is necessary to implement critical initiatives and bridge the gap between security and IT infrastructure operational tasks and must be proficient in:
Identifies probable system exposure, compromise, problems, or design flaws and escalates issues to CISO to limit serious performance impact.
Define, manage, and monitor data security, confidentiality, integrity, and availability.
May provide training, conduct new hire orientations, and produce ongoing monthly security awareness newsletters.
Define, manage, and monitor security devices, including procedures for detecting, reporting, and responding to computer security incidents.
Serves as subject matter expert regarding security design of applications, networks, servers, storage and virtualization, directory services, identity connectors, authentication, web single sign-on and federation, and application servers providing delegated administration, role management, and web services. Liaise with vendors, as necessary.
Review and analyze design and/or accreditation documentation to ensure appropriate security controls are in place.
Perform security assessments of applications and infrastructure.
Analyzes, designs, implements, tests, troubleshoots, integrates, documents and configures IT security infrastructure to maximize performance and capacity.
Monitor developments regarding various IT architectural platforms, including hardware, software, network communication components, operating systems, LDAP, server networking, basic load-balancing, DNS, certificate management, and HTTPS.
Preferred Skills:
Excellent verbal and written communication skills.
Need 8-10 years of experience
Ability to work both independently and as part of a team.
Knowledge of Networking (Firewall, Networking Protocols);
Working knowledge of Rapid 7
Working knowledge of CrowdStrike
Working knowledge of Information Security Domains
Working knowledge of Security protocols
Working knowledge of Cloud computing