Location: Durham, NC
Duration: 3 Months, Contract to Hire
- Provide high-level technical input into the design, deployment and operation of global IT Security management software and hardware devices including, but not limited to: Endpoint Security (Antivirus), Security Information and Event Management (SIEM), Intrusion Detection, Network Access Control, Data Loss Prevention, Network Scanning and Vulnerability Assessment.
- Serve as an Incident leader on IT Security incident response team to handle incident investigations. Apply forensic investigation techniques to document root cause and impact of detected computer security incidents.
- Maintain awareness of new and emerging cyber attack threats with potential to harm company systems and networks.
- Devise and implement countermeasures to mitigate potential security threats, especially those that are more complex and far reaching.
- Proactively identify vulnerabilities that are applicable to systems and applications, determine their severity and urgency, work with the system owners to determine if and when corrective action will be taken, and perform necessary actions to verify that corrective actions were effective.
- Coordinate security assessments/reviews/audits of systems including applications, servers, firewalls, remote access logs, web and email filters.
- Review more complex existing applications periodically and new applications prior to installation to ensure that the applications adhere to security policies. Perform detailed risk analysis assessment of applications, networks and systems.
- Review and analyze security and privacy exceptions. Work with business partners to resolve security and privacy exceptions.
- Perform, review, and analyze system compliance monitoring / reporting.
- Perform more complex network vulnerability / penetration testing and information security forensics investigations.
- Develop, revise and maintain Standard Operating Procedures and Working Instructions related to IT Security.
- The major job functions/components above are the typical functions of the job and are not an exhaustive or comprehensive list of all possible job responsibilities, tasks and duties.
- Personnel in this position should be aware that the responsibilities, tasks, and duties of the jobholder may differ from those outlined in this job description and various other duties may be assigned as needed.
- Bachelor’s degree and 5 years of information security engineering experience.
- In lieu of degree, 6 years of information security engineering experience.
- Proficient knowledge of technical security systems and safeguards used in a complex system infrastructure, including: Antivirus, SIEM, Intrusion Prevention, Network Access Control, firewall technologies, encryption-based security safeguards and standards, major operating system security configurations, and data and network encryption technologies and products.
- Security technical expertise in one or more of distributed, mainframe, and midrange host environments.
- Knowledge and understanding of network security in a multi-protocol LAN/WAN environment, including TCP/IP, IPSEC, SSL and HTTP.
- Understanding of host and network intrusion detection, and monitoring systems and methodologies.
Additional Education/Experience Preferences:
- Bachelor’s degree in Computer Security, Computer Science, or Engineering.
- Knowledge of Identity Management solutions.
- Informal mentoring skills.
- Strong consulting skillset with ability to provide appropriate direction to other IT groups on security matters.
- Demonstrated initiative to learn new technologies.
- Excellent analytical and problem-solving skills.
- Proven ability to present and discuss complex technical information to users with varying technical expertise.
- Must be detail-oriented with a focus on accuracy.
- Excellent written and verbal communication skills.
- Demonstrated ability to develop and maintain collaborative working relationships with varying constituencies and teams.
- Excellent customer focus and the ability to manage customer expectations.
- Demonstrated commitment to and leadership of continuous process improvement.
- Proven ability to work effectively in emergencies while handling multiple priorities.
- Professional and/or technical certification in Information Security is desirable (e.g., Security+, SANS certifications, CISSP, CISM, CISA, ISO).