The Security Administrator, working in a team environment, identifies, recommends, implements, and maintains our client's Information Security systems. Primary activities include administration of the Firewall, Intrusion Prevention System, Security Incident Event Manager (SIEM) and Vulnerability Management System, with the ultimate goal of ensuring that the very sensitive data entrusted to our client remains secure.
ESSENTIAL JOB FUNCTIONS
Documentation and Creation of Information Security System Administration procedures.
Perform network security assessment, risk assessment, and vulnerability testing.
Securely implement the addition of new network components.
Vulnerability Management and Remediation: Review current environment for vulnerability exposure and emerging threats and manage remediation cycles.
Monitor and investigate potential Information Security breaches.
Perform day-to-day management of the Internet content filtering system, Patch Management, IDS/IPS, Anti-Virus system, and Security Incident and Event Management System. Includes policy management, systems administration and configuration, maintaining the systems noted above, and all underlying hardware, OS, and databases.
Participate in investigations of SIEM items to determine root source and validity of reported events. Assist with ongoing tuning of the SIEM tool and reports.
Works to implement appropriate content filtering rules, troubleshoot issues, and assist with security-specific reports.
Proactively identifies or rapidly responds to customer security issues.
Applies extensive technical expertise in the management of security tools and remediation of security events/incidents.
Provide technical assessment of the security impacts from changes to operational networks.
Develop secure network architectures, requirements, operational concepts, and security accreditation plans and procedures.
Evaluate new hardware and software technology as it applies to information security.
Participate in IT security incident response.
Solid Linux OS Systems Administration background
Intrusion Detection and Intrusion Detection Systems (IDS/IPS)
Firewalls: Cisco ASA/PIX, Check Point, etc.
Web and email filtering solutions
Network traffic analysis tools: Wireshark, ArcSight, etc.