Participate in the planning and designing of enterprise security architecture, under the direction of the IT Lead Security Analyst, where appropriate.
Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Security Manager, where appropriate.
Participate in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan, under the direction of the IT Security Manager, where appropriate.
Develop and communicate policies, procedures, and plans to executive team, staff, partners, customers, and stakeholders regarding technology and industry-specific laws.
Acquisition & Deployment
Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically.
Operational Management
Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).
Maintain operational configurations of all in-place security solutions as per the established baselines.
Monitor all in-place security solutions for efficient and appropriate operations.
Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
Participate in investigations into problematic activity.
Provide on-call support for end users for all in-place security solutions.
Collaborate with IT, security, human resources, and legal to ensure full legal compliance of company policies, procedures, forms, notices, and materials.
Maintain a strong awareness of legislative changes or amendments to ensure ongoing and future compliance.
Advocate company's compliance policies via regular written and in-person communications.
Ensure that information security measures and equipment adhere to all applicable laws and regulations.
This position is not eligible for sponsorship for work authorization now or in the future, including conversion to H1-B visa.
This position has a hybrid work schedule with three days in the office and the option for working remotely two days.
Incidental Functions
Issue user ID's and passwords to new users and monitors system access and use to identify any security violations; analyzes basic security findings and data.
Monitor security systems and analyze potential threats and vulnerabilities on networks.
Assist in the analysis of network traffic and alerts to assess, prioritize, and differentiate between potential intrusion attempts and false alarms.
Assist with other projects as may be required to contribute to efficiency and effectiveness of the work that helps the team succeed.
Formal Education & Certification
Bachelor's Degree (or foreign equivalent) or in lieu of a degree, at least 12 years in experience in the field of Information Technology or Business (work experience or a combination of education and work experience in the field of Information Technology or Business)
Preferred CISSP, PCNSA, or CCNA
Knowledge & Experience
1+ years IT experience.
Experience identifying and implementing solutions to complex business problems.
Experience in the following areas:
Network Security
Preferred experience managing firewall devices such as Palo Alto or Cisco
Preferred experience managing a cloud firewall proxy such as Zscaler (ZIA)
Preferred experience managing a cloud VPN technology such as Zscaler (ZPA)
Preferred experience with securing Industrial Control Systems (ICS)
Preferred experience working with API's.
Personal Attributes
Proven analytical and problem-solving abilities.
Ability to effectively prioritize and execute tasks in a high-pressure environment.
Good written, oral, and interpersonal communication skills.
Ability to conduct research into IT security issues and products as required.
Ability to present ideas in business-friendly and user-friendly language.
Highly self motivated and directed.
Keen attention to detail.
Team-oriented and skilled in working within a collaborative environment.
Strong commitment to inclusion and diversity
10% travel is required.
Work outside the standard office 7.5-hour workday may be required with on-call availability.
