About the Company:
Headquartered in Santa Ana California, Veros () is an established and growing technology company that develops, operates, and maintains custom software and business analytic solutions for the financial services industry. We are looking for a self-motivated, independent person to play a critical role as an experienced Security Administrator, to manage all aspects of Cybersecurity for the company.
Veros offers a unique opportunity that encourages creativity and professional growth along with a competitive salary and benefits package including medical, dental, vision, life, 401(k), paid vacation, holidays, and more.
Reporting to the VP of IT, the Security Administrator will be expected to provide front line support for all aspects of cybersecurity for Veros portfolio of financial services solutions. The role is also expected to provide subject matter expertise and guidance to Veros internal IT infrastructure and software architecture, design and development functions.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Proactively monitor Veros infrastructure for security breaches, unauthorized access, take appropriate action to mitigate risks, and provide root cause analysis
- Plan, coordinate, and implement cybersecurity measures to protect data, software, and hardware
- Strong understanding of networking concepts including encryption, switching, routing, security and load-balancing, including SSL VPN, P2P and various routing protocols
- Provide compliance reports and conduct internal/external penetration testing
- Stay current with the latest Information Security advisories, trends and recommend innovative solutions to continuously improve overall security posture
- Install, administer, monitor, and troubleshoot security solutions
- Experience with IT Security to include anti-virus, DLP, mail security, patch management, IDS/IPS systems, etc.
- Design, maintain and practice disaster recovery and business continuity strategies
- Maintain a secure environment for sensitive customer, prospect, and organizational trade secret data
- Develop cybersecurity standards and best practices documents for network security, application security, and access control
- Work closely with the development team to review existing applications and system enhancements to ensure protection against the OWASP Top 10 and other common security vulnerabilities
- Manage risk register or risk log or risk matrix to track and prioritize risks based on severity
- Provide recommendations for security enhancements to senior IT management
Other Internal Responsibilities:
- Adheres to all company policies and procedures including, but not limited to those identified within the Standards of Business Conduct and the Employee Handbook, as may be amended from time to time. Adheres to all applicable laws and regulations and the company's governance/compliance program.
- Responsible for reporting violations of the company's policies and procedures, Standards of Business Conduct, governance program, laws and regulations through the company's Help Line or other mechanism that may be available at the time of the violation. Assists with internal control failure remediation efforts.
- Becomes knowledgeable of internal control responsibilities through training and instruction. Responsible and accountable for internal control performance within their area of responsibility. Participates in the internal controls self-assessment process.
- Ensures concerns with internal control design or performance and process changes that impact internal control execution are communicated to management.
Qualifications and Requirements:
- Bachelor s degree or higher in Computer Science or related discipline (or equivalent career experience)
- 5+ years of progressive hands on security analyst/administrator experience
- Subject Matter Expertise and 3+ years hands on implementation/development experience in two or more of the following areas:
- Network security
- Application security
- Corporate security
- Colocation security
- Disaster recovery plan
- Business continuity plan
- Security information and event management (SIEM)
- Demonstrated excellence with troubleshooting and problem solving
- CISSP, ITIL, and Security certifications - Desirable
- Project management and planning background Desirable
- Configuring, compiling, and installing GNU-based open source software - Desirable