Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware and software utilized for data creation, collection and analysis. May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions.
DUTIES AND RESPONSIBILITIES
Consistently provides proven, formal mentorship
High complexity assignments – owner
Moderate complexity assignments – owner (1 or >)
Low complexity assignments – provide oversight/review
Regularly lead self and others and/or established as Product SME and/or established as specialist
Understands how whole picture aligns to overall Ensono strategy
Oversee and review the following activities (concerning new security hardware and software infrastructure components or enhancements to existing solutions): research, analysis, selection, planning, and engineering.
Influence and provide authoritative advice to IT Architects to ensure that the modified security hardware and software infrastructure interacts appropriately, data conversion impacts are considered, and other areas of impact are addressed and meet performance requirements.
Develop methods to test, debug, analyze performance, and document security hardware and software infrastructure solutions.
Develop methodologies to implement new and emerging security hardware and software infrastructure, perform highly complex product customization for multiple configurations, and develop implementation and verification procedures to ensure successful new and emerging enterprise-wide security systems hardware/software.
Manage highly complex hardware and software infrastructure analysis and evaluation of the resource requirements necessary to maintain and/or expand service levels or tune security hardware and software infrastructure solutions for optimum performance.
Develop and recommend to management technical strategies and solutions to maintain and/or expand service levels or tune security hardware and software infrastructure solutions for optimum performance.
Oversee and provide direct guidance to ensure that plans integrate effectively with other aspects of the technical hardware and software infrastructure.
Resolve highly complex or critical incidents involving multiple enterprise services and components.
Review, recommend, and approve major and significant changes for purposes of incident avoidance.
Oversee and drive effort to analyze highly complex problems and solution alternatives. Recommend best alternatives and implement upon approval.
Provide leadership and technical guidance in project management, planning, task definition, estimating, reporting, scheduling, documentation, and workflow.
Review and validate accuracy of others' estimates.
SUPERVISORY RESPONSIBILITIES
This position does not have direct reports but may mentor less experienced associates in the role.
RECRUITING INFORMATION
Specific hiring needs may vary by location, industry, client, internal department and other business-related factors. The qualifications section lists examples that may be used as guidance when populating required and preferred skills sections of recruiting requisitions / job postings.
QUALIFICATIONS
Required
Requires a minimum of 8 years of related security experience with a Bachelor’s degree, or 5 years and a Master's degree; or equivalent work experience
Required at least one of the following:
– Certified Information Systems Security Professional (CISSP)
– Certified Ethical Hacker (CEH)
– Certified Expert Penetration Tester (CEPT)
Must be able to provide advanced event analysis, incident detection, and escalation procedures.
Must have significant experience debugging application and network problems.
Must have experience coaching, training, or developing junior analysts.
Must have experience in system development concepts, algorithms, and malware analysis.
Must be proficient with SIEM technologies.
Must be proficient with common security device functions, such as IDS/IPS, Network and Host-based firewalls, DLP (Data Leakage Protection), monitoring, etc.
Must be proficient with common network device functions, such as routers, switches, hubs, etc.
Must be proficient with possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
Preferred
Advanced knowledge of security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.
Preferred (Including but not limited to the following certifications):
– Cisco Certified Network Associate (CCNA)
– GIAC Security Essentials (GSEC)
– Global Certified Intrusion Analyst (GCIA)
– GIAC Penetration Tester (GPEN)
– Certified Expert Penetration Tester (CEPT)