• Works closely with all members of the Infrastructure team to design and build secure environments both on-premise and in the Cloud
• Works closely with all members of the Infrastructure team to evaluate, recommend, and assist in implementing solutions to meet security requirements
• Assists research areas, colleges, and departments to ensure regulatory compliance in areas such as Personally Identifiable Information (PII), the Health Insurance Portability and Accountability Act (HIPAA)
• Serves as the HIPAA and PII security expert for the Spokane Health Sciences campus, and works with University privacy officers and the office of the CISO to ensure full compliance in securing Protected Health Information (PHI)
• Reviews data sharing agreements/contracts and consults with PIs and the Office of Research, providing recommendations on solutions to meet contract requirements
• Leads an ongoing, proactive risk assessment program for all new and existing systems and remains familiar with the University’s goals and business processes so that effective controls can be put in place for those areas presenting the greatest information security risk
• Employs proactive measures to prevent potential disaster situations by ensuring proper protections are in place, such as intrusion detection and prevention systems, firewalls, and effective physical safeguards
• Provides for the availability of computer resources by ensuring a business continuity/disaster recovery plan is in place to offset the effects caused by intentional and unintentional acts
• Conveys vulnerabilities and provides recommendations to senior leadership to mitigate risks by communicating in non-technical, cost/benefit terms
• Provides risk mitigation strategies in a format relevant to senior leadership so decisions can be made to ensure the security of information systems and information entrusted to the University

Skills: Cloud Security, Risk Assessment, Regulatory Compliance, Data Protection, Firewall Management, Disaster Recovery, Vulnerability Analysis, Security Consulting

• Stays engaged in all ongoing activities related to the development, implementation, and maintenance of the University’s information security policies and procedures
• Ensures these policies and procedures encompass the overall security of electronic information at rest or in motion within the WSU Spokane Health Sciences campus by assisting departments in local process and procedure development, ensuring they are not in conflict with University policies
• Evaluates security incidents and determines what response and coordinates University responses, including technical incident response teams, when sensitive information is breached
• Develops and/or utilizes existing information security awareness training and education programs
• Collaborates with other University entities to present them to faculty, staff, and students
• Participates in local, regional, and national awareness and education events
• Develops and implements policies and processes for data security to meet regulatory compliance requirements
• Provides security consultation to researchers to improve research data security
• Consults with departments and colleges to improve system and network security across the WSU Spokane infrastructure
• Works with other technical staff to diagnose and solve computer and network security-related problems that span multiple technologies (i.e., network connectivity, client/server communications) and/or support areas within the University
• Collaborates with the university security teams state-wide

Skills: Policy Development, Incident Response, Security Training, Data Security, Regulatory Compliance, Network Security, Security Consultation, System Troubleshooting

• Leading walkthrough meetings
• Obtaining and evaluating audit evidence
• Guiding associates on NIST 800-171 / CMMC requirements to be able to pass certification
• Handling daily tickets and picking up tasks for ongoing cyber projects
• Working with various SIEM tools
• Working with access controls and Firewall Management
• Handling different aspects of the company's Network Security
• Research and analyze vulnerabilities and their applicability to company assets, assisting teams in the identification of high-risk exposure
• Takes ownership, executes and creates vulnerability reporting metrics
• Identify, create and maintain key performance metrics for the measurement of vulnerability management practices
• Support IT partners by performing IT security risk analysis on vulnerabilities following established methodologies, and documenting reported results

Skills: Audit Evaluation, Compliance Guidance, SIEM Management, Access Control, Firewall Management, Network Security, Vulnerability Analysis, Risk Reporting

• Working with IT Governance, Application Specialists and Network Analysts to ensure optimal security
• Selecting, implementing and operating all security-related tools
• Reporting security breaches as they occur to IT leadership
• Providing weekly-monthly-quarterly-annual reports to IT leadership
• Taking the lead in any security breaches and following the process as per policy and procedure
• Working on projects as the security lead, acts as a Tier 2 IT resource on projects
• Responsible for the security portion of audit compliance, reporting to Internal Audit and External Audit
• Managing the security and business continuity (backups, restores, tests) portion of all vendors (SaaS, IaaS, Managed Services), ensuring they comply with vendor management and security policy
• Handling security and infrastructure cloud (Office 365, IaaS, etc.) related escalation tickets from the Service Desk Tier 1
• Working with IT leadership to identify and evaluate innovative ideas
• Administer the VMWARE infrastructure and data center environment at the support services office

Skills: Security Management, Tool Implementation, Incident Reporting, Audit Compliance, Project Leadership, Vendor Management, Cloud Administration, Infrastructure Support

• Install and monitor security software
• Install security measures (firewalls and data encryption programs) to protect systems and information infrastructure
• Monitor networks for security breaches
• Conduct frequent testing to look for vulnerabilities
• Perform Risk Management and Compliance audits
• Review and answer customer questions and complete compliance audits
• Look for opportunities to improve system security by researching enhancements
• Make recommendations to leadership based on findings
• Review the implementation of external computer systems and programs
• Examine external vendor systems and/or programs used by Service King to ensure security standards are maintained
• Investigate potential security breaches and other cybersecurity incidents
• Examine and document security breaches to assess damage and resolve issues related to the breach
• Prepare reports noting security breaches and the extent of damage caused
• Stay current on IT security trends and best practices
• Stay up to date on the latest industry trends, news, and practices

Skills: Security Monitoring, Firewall Installation, Network Protection, Vulnerability Testing, Risk Management, Compliance Auditing, Incident Investigation, Security Reporting

• Research/evaluate emerging security threats and ways to mitigate them
• Security alerts and provide incident response
• Monitor identity and access management, including monitoring for abuse of permissions by authorised system users
• Intrusions and unusual, unauthorised or illegal activity
• Keep up to date with the latest security and technology developments
• Use analytic tools to determine emerging threat patterns and vulnerabilities
• Generate reports for both technical and non-technical staff and stakeholders
• Maintain an information security risk register and assist with internal and external audits relating to information security
• Conduct security risk assessments, business impact analysis and recommend appropriate control improvements
• Ensure work is compliant with legal requirements, external standard requirements, and Featurespace IT-related policies
• Ensure all processes and controls that fall within area of responsibility are operating effectively and are correctly evidenced as working
• Assist with the creation, maintenance and delivery of cybersecurity awareness training for colleagues
• Contribute to the development of information security policy, standards and guidelines

Skills: Threat Research, Incident Response, Access Monitoring, Intrusion Detection, Risk Assessment, Security Reporting, Compliance Management, Security Training

• Develop and lead an information security awareness program
• Conduct internal security reviews and assessments
• Assist with assessments and audits conducted by outside entities
• Conduct information gathering in support of legal hold and electronic discovery requests
• Create awareness of security concepts, requirements, and resources
• Evaluate processes and procedures for secure operations
• Facilitate compliance with LCS policies and standards
• Facilitate compliance with government and industry regulations
• Help identify, define, and mitigate information security risks
• Assist with the creation and review of security policies, procedures, standards and guidelines
• Respond to security-related incidents and requests
• Participate in projects as a representative of the Information Security team

Skills: Security Awareness, Internal Auditing, Compliance Management, Risk Mitigation, Policy Development, Process Evaluation, Incident Response, Security Consultation

• Plan, implement and oversee the operation of the University's information security protection program
• Manage response to security incidents (e.g., data breaches)
• Aggregate, correlate and analyze data
• Audit to ensure compliance with established regulations, standards, policies, procedures, and configuration security guidelines
• Manage information security vendor assessments, security attestations, re-certifications, audits, risk assessments, and security testing
• Design, implement and integrate security information and event management (SIEM), log management, anomaly detection, and configuration and vulnerability management
• Design and implement information security solutions/infrastructure
• Manage information security risks
• Assess risk strategies to manage risk
• Provide solutions for remediation and compensating controls
• Plan and implement identity and access management/governance
• Review and analyze security device configurations and policies
• Participate in defining, implementing and measuring security awareness and training

Skills: Security Program Management, Incident Response, Data Analysis, Compliance Auditing, Vendor Assessment, SIEM Implementation, Risk Management, Access Governance

• Collaborate with the other members of the security team and operations to maintain security
• Conduct security assessments through vulnerability testing and risk analysis
• Perform internal and external security audits
• Respond to security audits from outside parties
• Continuously update the company's incident response and disaster recovery plans
• Assist with the development of policy and procedures
• Work with the team to implement security controls
• Participate and lead security incident response
• Act as a thought leader and provide technical leadership and mentorship to the team
• Function as a senior member of project teams, providing active advisory, and lead smaller projects
• Actively look for opportunities to provide guidance or identify gaps and escalate them to leadership with potential solutions
• Advise on priorities and priority changes in the project portfolio
• Act as a critical team member on many projects simultaneously
• Responsible for actively identifying necessary process improvements, suggesting them to leadership 
• Actively document processes and gaps

Skills: Vulnerability Assessment, Risk Analysis, Security Auditing, Policy Development, Incident Response, Disaster Recovery, Team Leadership, Process Improvement

• Responsible for assessing information risk and facilitating remediation of identified vulnerabilities for IT security and risk across the agency
• Assessing information risk and facilitating remediation of identified vulnerabilities with IOA’s network, systems, and applications
• Performing vulnerability assessments utilizing IT security tools and methodologies
• Performing assessments of the IT security/risk posture within the network, systems, and software applications, in addition to assessments within the Vendor Management Program
• Identifying opportunities to reduce risk and document remediation options regarding acceptance or mitigation of risk scenarios
• Facilitating and monitoring the performance of risk remediation tasks and changes related to risk mitigation
• Reporting findings and making recommendations for corrective action
• Maintaining oversight of IT and vendors regarding the security maintenance of their systems and applications
• Providing regular status reports that include outstanding issues

Skills: Risk Assessment, Vulnerability Management, Security Evaluation, Vendor Oversight, Risk Mitigation, Remediation Tracking, Corrective Action, Status Reporting

• Assisting in all IT audits, risk assessments and regulatory compliance matters
• Performing IT security and risk assessments across the enterprise (e.g., data systems, network and/or web)
• Facilitating and monitoring IT Security incident management and response
• Addressing questions from internal and external audits and examinations
• Providing guidance and best practice recommendations for IT security policies, procedures, and standards that meet regulatory requirements, including HIPAA and PCI
• Creating and facilitating IT security/risk training curriculum for the enterprise
• Serving as a project manager, waterfall /lead for IT security projects
• Leading IT architecture security risk assessments and developing solutions/processes
• Perform general administrative duties such as the development of documentation to submit for closure, document, standardize, and communicate

Skills: IT Auditing, Risk Assessment, Incident Management, Regulatory Compliance, Policy Guidance, Security Training, Project Management, Documentation Development

• Provide quarterly Security Risk Assessments for the Digital Identity Services products to ensure maintenance of the Security Authority
• Identify and recommend security system improvements
• Internal security consulting on projects
• Deliver Network security architecture, network access and monitoring
• Compliance tasks against the standard security policies (ISO)
• Working with the Information Security Management System (ISMS)
• Initiating security compliance-based conversations with business and infrastructure leaders
• Proposing and developing efficiencies for operational processes
• Troubleshooting and remediating enterprise risk via technical controls
• Reviewing and documenting enterprise procedures for mandated security solutions

Skills: Risk Assessment, System Improvement, Security Consulting, Network Architecture, Policy Compliance, ISMS Management, Process Optimization, Technical Remediation

• Monitor computer enterprise networks for security issues and investigate security breaches and other cybersecurity incidents when they occur, based on established policies and protocols
• Install security measures, authentication protocols, hardware, and software to protect systems and information infrastructure, including firewalls and data encryption programs
• Conduct security assessments through vulnerability testing and risk analysis and perform both internal and external security audits
• Analyze security breaches to identify their root cause and then document findings and assess the damage they cause
• Work with other IT and security governance team members and department heads across the organization to formulate and perform tests, audit protocols, and other techniques to uncover network vulnerabilities
• Review the latest security alerts, both internal and external, to determine relevancy and urgency regarding the company and established policies
• Develop and implement systems, policies, and protocols to continuously scrutinize the network infrastructure and operating environment for vulnerabilities, weaknesses, flaws, and deviations from policy and standard
• Maintain a security awareness training program for all employees
• Develop and deliver metrics that can be used to measure security capability and performance

Skills: Network Monitoring, Incident Investigation, Firewall Installation, Vulnerability Testing, Risk Analysis, Security Auditing, Policy Development, Security Training

• Ensure that digital assets are protected from unauthorized access including both cloud and on-premise infrastructures and public-facing or internal systems
• Provide reports and other documentation for IT administrators, managers, and security team members to use to evaluate the efficacy of the security policies in place
• Develop company-wide best practices for IT security policies, protocols, and procedures and perform network penetration testing to assess the performance of those best practices
• Verify the security procedures and systems of third-party vendors
• Collaborate with them to meet security and regulatory compliance requirements
• Research security enhancements, innovations, and industry improvements and then make recommendations based on that research
• Stay up to date on emerging information technology trends and security standards
• Educate IT and security governance team members, supervisors, executives, and other stakeholders 
• Help integrate system security best practices into the company’s access procedures

Skills: Asset Protection, Policy Development, Penetration Testing, Vendor Verification, Regulatory Compliance, Security Research, Trend Analysis, Security Education

• Serves as liaison with IT and business area partners to identify, understand, document, and advise on security requirements, impacts and risks
• Researches, evaluates, and recommends information security-related hardware and software
• Develop business cases for security investments
• Assists and supports the development of security architecture
• Participates in IT projects to ensure that security issues are addressed throughout the project life cycle and participates in initiatives to identify, select, and implement technical controls
• Analyzes, proposes, and implements solutions concerning residual risk, vulnerabilities, and other security exposures
• Develops information security processes, policies, and procedures
• Advises on service level agreements and works to ensure that security controls are managed and maintained
• Develops and maintains documentation for security systems, procedures, and security diagrams
• Serves as a liaison and/or support on audit-related initiatives, managing relationships, collecting data, progression tracking, assessment, and remedial activities

Skills: Security Consulting, Risk Analysis, Security Architecture, Technical Controls, Policy Development, Vulnerability Management, Documentation Management, Audit Support

• Investigates security breaches and other cybersecurity incidents
• Installs security measures and operates software to protect systems and information infrastructure, including firewalls and data encryption programs
• Documents security breaches and assesses the damage caused
• Works with the security team to perform tests and uncover network vulnerabilities
• Fixes detected vulnerabilities to maintain a standard of high security
• Develops company-wide best practices for IT security for both on-premise systems and cloud environments
• Helps colleagues install security software and understands information security management
• Research security enhancements and make recommendations to management
• Stays up-to-date on information technology trends and security standards

Skills: Incident Investigation, Firewall Management, Vulnerability Testing, Risk Mitigation, Security Best Practices, Cloud Security, Security Software, Security Research

• Responsible for keeping Four Seasons' Information Security Policies and Procedures up to date
• Review and provide consultation on Four Seasons’ technology risk assessments
• Define and ensure that these policies are translated into day-to-day operational procedures that are diligently followed in-region
• Manage escalated SOC alerts to remediation by liaising with 3 rd party support teams
• Perform daily break-glass oversight checks
• Attend IT Security governance meetings, take and follow up on any outstanding actions
• Assist colleagues with Ad-hoc activities to support IT Security controls
• Assist with the management and remediation of IT Security Risks
• Ensure delivery of appropriate MI/reporting and analysis for all aspects of IT Security

Skills: Policy Management, Risk Assessment, SOC Oversight, Incident Remediation, Governance Support, Risk Management, Security Reporting, IT Collaboration

• Monitor and advise on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for the agency are appropriate and operating as intended
• Incident response applies to any cybersecurity event that occurs within the State of Michigan's networks and infrastructure
• Identify and prioritize the incidents that represent the most significant risk to the State of Michigan assets
• Contain the attack and assist in the recovery of systems so that State of Michigan employees can continue to provide key services to state residents and partners
• Incident response position serves to ensure the State of Michigan's computer networks and infrastructure remain fully operational, and the integrity of its data is preserved
• Efforts to maintain and restore technical services across the State of Michigan
• Collaboration or tensions between organizational units within DTMB and across the State of Michigan
• Incident response involves the investigation of all security events
• Incident response team members serve as first responders
• Determine the scope and severity of a security incident, and then decide to either pursue it to resolution or escalate to teams with more specialized knowledge and skills

Skills: Security Monitoring, Incident Response, Risk Prioritization, System Recovery, Data Integrity, Network Maintenance, Cross-Team Collaboration, Incident Escalation

• Create and maintain the enterprise’s security awareness training program
• Create and maintain the enterprise’s security documents (policies, standards, baselines, guidelines, and procedures)
• Analyzes facts to determine action based on standard practice and procedures
• Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors
• Responsible for the deployment, integration, and initial configuration of new security solutions and of any improvements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically
• Ensure the confidentiality, integrity, and availability of the data residing on or transmitted to/from/through enterprise workstations, servers, and other systems and in databases and other data repositories
• Supervise the execution of vulnerability assessments, penetration tests, and security audits
• Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents
• Engage in ongoing communications with peers in the Systems and Networking groups as well as the various business groups, to ensure enterprise-wide understanding of security goals, solicit feedback, and foster co-operation

Skills: Security Training, Policy Development, Threat Analysis, Security Deployment, Data Protection, Vulnerability Assessment, Penetration Testing, Cross-Team Communication

• Ensure that the company's digital assets are protected from unauthorized access
• Conduct security assessments through vulnerability testing and risk analysis using internal and external tools and resources
• Verify and audit the security of third-party vendors and collaborate with them to meet security requirements
• Process and perform internal and external recurrent IT security audits
• Address, analyze, mitigate, and document threats, risks, and security breaches
• Design, document and develop security policies and processes in line with industry standards and best practices
• Generate reports to evaluate the efficacy and metrics of the security policies and processes
• Ownership for keeping Maxon’s security systems up to date
• Documentation and planning of all security-related information, including incident response and disaster recovery

Skills: Asset Protection, Vulnerability Testing, Vendor Auditing, Security Auditing, Threat Mitigation, Policy Development, Security Reporting, Disaster Recovery

• Moderate to strong Unix skills of any platform (ie, RHEL, Solaris, AIX, Ubuntu)
• Reviews, analyzes, develops, installs, modifies, maintains, and/or supports critical security software components on Unix-based systems
• Executes security controls to prevent hackers from infiltrating company information or jeopardizing programs
• Provides technical support activities for a production environment
• Troubleshoot user authentication and authorization issues for Unix-based systems
• Rotational 24/7 on-call support required
• Educates internal users on security software and procedures
• Provision access for users according to policy and procedures
• Work with server owners to gather information for targeted servers for BoKS installations
• Configure the necessary components for BoKS
• Analyzes and resolves problems related to access failures
• Work with other teams to ensure success

Skills: Unix Administration, Security Controls, Technical Support, Authentication Troubleshooting, Access Provisioning, BoKS Configuration, User Education, Problem Resolution

• Researchers attempted to compromise security protocols and recommend solutions
• Maintains security systems and administers security policies to control access to systems
• Maintains the company firewall and utilizes applicable encryption methods
• Creates information security documentation related to the work area and completes requests in accordance with company requirements
• Responds to information security-related questions and inquiries using established information security tools and procedures
• Resolves and/or performs follow-through to resolve all information security issues and questions
• Implements and administers information security controls using software and vendor security systems
• Identifies opportunities and executes plans to improve workflow and understands and quantifies business impacts of those improvements for communication to management
• Interfaces with the user community to understand security needs and implements procedures to accommodate them
• Ensures that the user community understands and adheres to the necessary procedures to maintain security
• Provides status reports on security matters to develop security risk analysis scenarios and response procedures

Skills: Security Research, Policy Administration, Firewall Management, Encryption Implementation, Documentation Development, Issue Resolution, Security Controls, Workflow Improvement

• Administering IAM/IAG tools and processes
• Support access management initiatives along with the implementation of best security practices
• Assist with application enrollments into SailPoint IdentityIQ
• Implement role engineering and RBACs using SailPoint IdentityIQ
• Automate access provisioning/de-provisioning using REST API’s
• Configure access re-certifications for key controls
• Analyze day-to-day requests and assist with automation
• Develop custom workflows, custom rules, and custom forms

Skills: Identity Management, Access Control, Role Engineering, RBAC Implementation, API Automation, Access Certification, Workflow Development, Process Automation

• Monitor computer networks, systems, and applications for security issues
• Investigate security breaches and other cybersecurity incidents
• Document security breaches and assess the damage they cause
• Work with the Security Operations Center (MSSP) to uncover network, application and data vulnerabilities
• Fix detected vulnerabilities to maintain a high-security standard
• Verify the security of third-party vendors and collaborate with them to meet security requirements
• Participate in regular audit and testing exercises
• Assist other teams and team members in installing security software and understanding information security management
• Research security enhancements and make recommendations to management
• Stay up-to-date on information technology trends and security standards
• Provide support for data protection on computers, servers, storage systems and network infrastructure
• Assist with the implementation of policies and procedures to ensure data protection is consistent with company goals, industry best practices, and regulatory requirements

Skills: Network Monitoring, Incident Investigation, Vulnerability Management, Vendor Verification, Security Auditing, Software Installation, Data Protection, Policy Implementation

• Assist with the implementation of new technologies and provide skills training to other IT staff
• Participate in security reviews of applications, computers, peripherals, servers, storage systems, cloud solutions, and infrastructure to ensure data is protected
• Act as a contributor for enterprise-level strategic projects, meeting milestone deadlines, and accomplishing project action items
• Ensure that proper operating procedures are adhered to during the full lifecycle of all security systems including documentation, implementation, maintenance, monitoring, support, refresh/upgrades, and decommission
• Comply with corporate incident management, change management, and problem management processes
• Monitor assignment and completion of efforts documented in these systems
• Properly escalate issues to management
• Serve as a point of contact for interactions with vendors for issue remediation and root cause analysis
• Work with internal teams to install various types of software on a variety of hardware platforms and operating systems including system updates, patches, and configuration changes
• Analyze data from monitoring systems to recognize trends and create proactive solutions to prevent recurring issues
• Monitoring solutions include SolarWinds, Manage Engine, Watchdog, and notices from MSSP

Skills: Technology Implementation, Security Reviews, Project Management, System Maintenance, Incident Management, Issue Escalation, Vendor Coordination, Data Analysis

• Provide Information Security Program and Risk Management support by helping to define key risk indicators, gathering metrics, and analyzing the effectiveness of District and System information security programs and policies
• Assist with creating or adjusting ongoing programs and policies as warranted based on ongoing analysis of effectiveness and internal and external cyber threat landscape and risk posture
• Evaluate the effectiveness of awareness and training programs and make recommendations for improvement
• Analyze information security control metrics to demonstrate effectiveness or need for control improvement
• Develop regular security briefings and other collateral that communicate cybersecurity and organizational risk to various stakeholders based on analytical viewpoints derived from multiple sources of internal and external security data points
• Create, distribute, and update reports on information security service performance to management and information security governance forums
• Interface with staff from various departments, communicating security issues and responding to requests for assistance and information
• Contribute to the maturation of Insider Risk Program 
• Developing and deploying training and awareness campaigns, creating and tracking new metrics and reporting, and executing on program administration requirements

Skills: Risk Management, Policy Analysis, Training Evaluation, Control Metrics, Security Reporting, Data Analysis, Stakeholder Communication, Awareness Campaigns

• Maintain operational configurations of all IT security solutions including Patch and Vulnerability Management, Endpoint Protection, Firewall Management, Log and Event Management
• Provide support for global security systems and tools
• Assist in the planning, design, and implementation of enterprise security architecture for technical, operational, and administrative activities
• Participate in security-related projects and activities
• Maintain knowledge of the IT security industry to improve security program effectiveness
• Provide recommendations for additional security solutions or enhancements to existing controls, to improve overall enterprise security and “defense in depth” strategy
• Perform the deployment, integration, and initial configuration of all new security solutions as well as enhancements to existing security solutions in accordance with standards and best practices
• Review security logs and events that are collected using the provided tools
• Participate in the Security Incident Response Team (SIRT) to identify and resolve security issues 24/7/365
• Participate in SOX control and control monitoring activities in support of Corporate Compliance
• Perform and execute vulnerability assessments, penetration tests and security audits

Skills: Vulnerability Management, Endpoint Protection, Firewall Management, Security Architecture, Log Analysis, Incident Response, Security Enhancement, Penetration Testing

• Keep up to date on the latest vulnerabilities that may affect Rockwell systems
• Conduct triage of vulnerabilities based on criticality
• Contribute to vulnerability management process development
• Develop and conduct remediation activities with internal stakeholders in response to detected vulnerabilities
• Develop, research, and maintain proficiency in tools, techniques, and trends related to vulnerability analysis
• Identify the root cause of cybersecurity incidents
• Develop base statistical methods to display cybersecurity risk
• Hunt for new vulnerabilities
• Perform security penetration tests on networks, web-based applications, and computer systems
• Create and deliver findings and/or reports to application owners and management
• Consult application owners on best practices for remediation

Skills: Vulnerability Analysis, Risk Triage, Process Development, Remediation Planning, Incident Investigation, Penetration Testing, Threat Hunting, Security Reporting

• Implement, manage, and monitor security products and technologies
• Provide input towards the strategy on malware detection, network security, forensics, data protection, logging and monitoring, and related functional areas
• Monitor logs and review alerts while identifying, remediating, and escalating incidents that occur within the environment
• Develop and maintain technical documentation around the discovery and mitigation of threats and vulnerabilities
• Review current security system configurations for correctness
• Monitor, report and investigate access to determine unauthorized access attempts
• Provide continuous testing of systems for situations requiring corrective action
• Perform risk assessments and audits of data processing systems
• Assist with internal security awareness testing and training
• Train and educate staff on information security procedures

Skills: Security Management, Malware Detection, Log Monitoring, Incident Remediation, Threat Documentation, Access Investigation, Risk Assessment, Security Training

• Perform vulnerability scanning and/or assessments of business applications, websites, and identify deviations from acceptable enterprise vulnerability management policy requirements
• Interface with IT operations teams to influence and prioritize remediation of identified vulnerabilities
• Provide support of operational tools and methods for dynamic application security testing (DAST), static application security testing (SAST), and web application firewalls (WAF)
• Provide input and support to leaders and peers from architecture, engineering, and IT operations on architecting tools and solutions related to application security
• Obtain and maintain knowledge on existing security procedures and directives related to application security and vulnerability management
• Provide an overview of services and the status of key projects to stakeholders and security leadership
• Act as a technical stakeholder on key projects
• Provide support for VM Team activities, such as new tool implementation/investigation, significant architectural changes, and process improvements to vulnerability management

Skills: Vulnerability Scanning, Application Security, DAST Testing, SAST Testing, WAF Management, Tool Implementation, Process Improvement, Technical Support

• Excellent written and verbal communication skills (English language)
• Demonstrated ability to take initiative in identifying and resolving IT technical problems at customer sites via telephone, email, ticketing systems, and chat
• Support basic IT infrastructure and networking
• Ability to read and understand IT documentation and Best Practices and follow Operational Procedures, with a focus on Security, Disaster Recovery, and Major Incidents
• Understanding computer fundamentals and being able to troubleshoot Hardware, Mobile Devices, Virtualization and Cloud, and Operating Systems
• Highly analytical with extreme attention to detail and the ability to derive facts quickly, methodically, and accurately
• Ability to document and effectively present information and respond to questions from groups of managers and customers
• Ability to work in a high-pressure environment and a "thinking outside of the box" approach
• Committed, enthusiastic, flexible, and able to maintain high levels of productivity with minimal supervision while being able to work as part of a global team
• Customer-facing experience and strong customer orientation and dedication
• Excellent time management and organizational skills

Qualifications: BS in Network Engineering with 5 years of Experience

• Experience in IT with emphasis in cybersecurity, networking, systems engineering or application development with direct security experience, or an equivalent combination of education and experience on a year-for-year basis
• Solid understanding and hands-on experience in SIEM concepts such as log correlation, aggregation, and normalization
• SIEM experience creating searches, analytics, and alerts and understanding how to pivot in the data fields for investigative purposes
• Solid understanding of events, related fields in log records and alerts reported by various data sources such as Windows/Unix systems, IDS/IPS, AV, firewalls, and web proxies
• Ability to mine and respond to Indicators of Compromise (IOCs)
• Understands advanced persistent threat (APT) infection and attack chains, including tactics, techniques, and procedures (TTPs)
• Ability to create custom data parsers to analyze event logging from various devices, packet captures, and metadata
• Knowledge of the MITRE Threat (ATT&CK) Framework
• Demonstrated ability to absorb information, apply conceptual skills in practical security solutions, and achieve desired results in a highly technical operating environment
• Skills in effectively adapting to rapidly changing technology and the ability to apply it to business needs and to merge multiple tools to solve problems
• Strong analytical and problem-solving background
• Good project management skills with the ability to multitask and manage multiple small projects in a cross-functional environment

Qualifications: BS in Computer Engineering with 6 years of Experience

• Experience with security operations
• Prior experience in a mid to large-tier organisation within a global context
• Previous experience in the mining industry
• Strong communication skills, written and verbal
• Strong presentation skills, virtual and in-person
• Fluent in using Splunk, execute advanced searches and build dashboards
• Experience with PenTest
• Advanced skills in Microsoft Excel

Qualifications: BA in Cybersecurity Management with 2 years of Experience

• IT experience in RUN (production) operations
• Should have a technical degree or equivalent in Information Technology or Computer Science
• Working experience in IT and basic knowledge of IT Security technologies like Anti-virus, certificates, SIEM tool and other security concepts
• Experience with Symantec Endpoint Protection, Certificate lifecycle management, and any SIEM tool
• Excellent in analytical, communication and documentation skills
• Ability to organize work and be able to prioritize work as per the needs of Production Operations
• Must have a basic understanding of ITIL processes and be comfortable working in a process-oriented environment
• Excellent written and oral English language skills
• Experience with information security tools such as vulnerability management, SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices
• Experience in endpoint security solutions, file integrity monitoring and data loss prevention
• Experience in operating systems and security hardening and best practices
• Strong investigative mindset with an attention to detail
• Self-confident, organized, motivated and independent worker
• Ability to execute in a fast-paced, high-demand environment while balancing multiple priorities

Qualifications: BS in Computer Science with 7 years of Experience

• Knowledge of network technologies (protocols, design concepts, access control)
• Knowledge of security technologies (encryption, data protection, design, privilege access, etc.)
• Knowledge of network design and engineering
• Proficiency in time management, decision making, presentation and organizational skills
• Proficiency in planning, reporting, establishing goals and objectives, standards, priorities and schedules
• Basic to intermediate decision-making and problem-solving skills
• Basic to intermediate verbal and written communication skills to technical and non-technical audiences of various levels in the organization
• Experience establishing and maintaining effective working relationships with employees andor clients

Qualifications: BS in Information Technology with 4 years of Experience

• Strong understanding of SAP security design concepts as well as app security
• Detailed understanding of SAP GRC10.X, GRC 12.0
• Familiarity with SAP ERP-R/3, BI/BO, Portal, SRM, CRM, APO, SolMan, Fiori, S4 HANA
• Strong understanding of SAP security and SOX violation concepts (Audit)
• Ability to interact with people at various levels (from end-user to executive) in a global environment
• Strong self-management to manage and prioritize multiple project activities
• Strong analytical thinking, documentation and design skills
• Strong problem-solving and troubleshooting skills
• Ability to work independently as well as in a team environment 
• Experience in managing SAP Security
• Good understanding of business language and translate it into the technical world
• Good verbal and written communication

Qualifications: BS in Computer Systems Engineering with 6 years of Experience

• Demonstrate the ability to clearly communicate Information Security matters (risks, threats, and vulnerabilities, etc.) to both technical and non-technical audiences (including executives, auditors, and end users)
• Ability to interpret information security data and processes to identify potential compliance issues
• Ability to quickly understand security systems to identify and validate security requirements
• Knowledge and understanding of PCI, GDPR, SOX, CCPA and other regulatory directives
• Experience implementing vulnerability scanning technologies and performing vulnerability scans and assessments utilizing tools such as Nessus
• Experience with Endpoint Detection and Response (EDR) technologies and processes
• Demonstrate strong understanding of Windows, Unix/Linux, networking, telephony, and wireless security skills
• Strong working knowledge of network topologies and protocols (such as TCP, UDP, TLS, SFTP, SMTP, NTP, NetBIOS and DHCP)
• Working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
• Must be self-motivated and able to coordinate with others to implement changes
• Ability to manage and prioritize multiple tasks, projects and ability to work with little or no supervision
• Must be team-oriented and willing to assist other members 

Qualifications: BS in Software Engineering with 5 years of Experience

• Must have CISSP, GIAC, SANS or equivalent security certifications 
• Experience with Security testing of enterprise networks
• Experience with tools such as Nmap, NetCat and Enum
• Experience with File Integrity Management tools
• Experience with packet sniffers and analysis of packet captures in support of security event research and analysis
• Experience with current web-server security and maintenance (Apache, IIS, Java, etc.)
• Experience with web application security, secure coding and OWASP
• Excellent problem determination/troubleshooting and analytical skills
• Experience with penetration testing tools, leading incident response teams, and ethical hacking techniques
• Experience using forensic tools and performing forensic collections
• Experience designing processes and creating policies and standards based on industry best practices
• Knowledge of cloud security practices and containerization concepts
• Understanding of risk management and risk evaluations of security or incident events

Qualifications: BA in Homeland Security with 8 years of Experience

• Experience in information security or a related field
• Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP
• Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model
• Hands-on experience analyzing high volumes of security-related logs
• Experience with addressing risks and protection on Google Workspace
• Familiarity with the MAS TRM requirements
• Familiarity with GDPR standards
• Understanding of mobile technology and OS (i.e., Android, iOS, Windows, MacOS)
• Understanding of UEM, such as Workspace One and Google MDM
• Understanding of endpoint security products such as Symantec, BitDefender, Microsoft Endpoint Manager, and SentinelOne
• Experience with building security standards

Qualifications: BA in Computer Information Systems with 6 years of Experience

• Basic experience with Active Directory Certificate Services
• General knowledge of IT Security principles
• Basic Venafi experience
• Knowledge of information storing systems (Confluence, SharePoint)
• Understanding of Change Management Processes
• Basic understanding of Data Protection topics
• Basic Cryptography understanding
• Experience with creating, cutting, and deploying certificates
• Basic certificate security standard understanding
• Basic understanding of IPv4 and IPv6
• Knowledge of Agile and JIRA 
• Excellent organization and communication skills

Qualifications: BS in Cloud Computing with 3 years of Experience

• Software and networking security or related technical experience
• Experience and knowledge of Linux operating systems
• Programming experience in dynamic languages such as Bash, Python or JavaScript
• Strong understanding of cyber threats, malicious actor motivations and techniques
• Understanding of security control standards such as ISO 27001, NIST or CSA CCM
• Experience with a formal security auditing process such as ISO27001, SOC2 or PCI-DSS
• Demonstrated knowledge of core security topics such as Assurance, Vulnerability Management and Threat Modeling
• Strong written and oral communication skills and the ability to prioritize work
• Proficiency in Linux server administration and configuration (Red Hat / Oracle Linux)
• Demonstrated ability to complete complex projects with minimal supervision
• Strong troubleshooting and diagnostic skills
• Ability to multitask and handle changing priorities
• Experience working in a team environment
• Ability to learn from peers and accept criticism
• Self-motivation to drive solutions to completion

Qualifications: BA in Information Security and Risk Management with 7 years of Experience

• Able to thrive in a fast-paced environment, working to tight deadlines, managing multiple activities and prioritising time and workload effectively
• Previous experience in managing and delivering technical work streams and being the technical lead on IT-related projects
• Ability to obtain and maintain a Personnel Security Clearance
• Strong communication skills, analytical thinking, and problem-solving skills
• Ability to prioritize tasks and efforts
• Ability to work within a team environment and convey knowledge and skills to other members of the team in support of information security efforts
• Ability to maintain information security certifications commensurate with applicable requirements (e.g., CompTIA Security+, SANS GIAC or ISC^2 CISSP)
• Knowledge of the NIST 800-171 and/or NIST 800-53 security control implementation guidance
• Experience with maintaining and operating information system security software (e.g., McAfee ePolicy Orchestrator and Endpoint Security, McAfee Enterprise Security Manager, Tenable.sc, etc.)

Qualifications: BS in Applied Computer Science with 4 years of Experience

• Professional experience in Information Technology or Information Security
• Proven experience in security, network protocols, DNS, and networking devices - routers, VPNs, proxies, firewalls
• Proven experience in a large-scale environment
• Knowledge of the fundamentals of Computer Security and Information Systems
• Knowledge of the internet threat landscape and attacker motivations (phishing, malware, APT, DoS, etc.)
• Knowledge of cybersecurity and its common standards (e.g., ISO 27001, NIST) and processes
• Knowledge of cloud infrastructure and/ or virtualization
• Strong analysis and critical thinking skills
• Comfortable working in a high autonomy and as a team player
• Able to manage and prioritize time and multiple tasks efficiently, especially when operating under pressure or deadlines
• Able to work easily with different profiles from IT and Business

Qualifications: BS in Computer Networks and Security with 5 years of Experience

• Experience in cybersecurity reduces this educational requirement
• Knowledge of IT environments, information security, and privacy
• Experience in analyzing and evaluating network and security vulnerabilities
• Excellent verbal and written communication skills and ability to build strong relationships with stakeholders at all levels
• Demonstrated expertise with multiple Windows, Mac OS, and Linux operating systems
• Experience with enterprise scheduling software like Google Calendar, virtual meeting software
• Experience with patch management tools
• Experience patching machines
• Experience with enterprise Antivirus software management console
• Experiencing cleaning/remediating antivirus alerts
• Experience with the Jira Ticketing toolStrong people skills
• Excellent problem-solving and multitasking skills
• Knowledgeable in macOS and Windows operating systems

Qualifications: BA in Network Administration with 6 years of Experience

• Knowledge of a broad range of cybersecurity topics, e.g., governance, threats, privacy, risk, identity and access management, supply chain risks, security operations, incident management, etc.
• Understanding of and experience with a wide range of Cyber Security principles, technologies, and techniques
• Proven track record of delivering high-quality outputs on time and meeting/exceeding expectations with excellent analysis skills
• Proven ability to identify and assess complex information protection risks and controls
• Ability to organise and prioritise own work to meet project requirements
• Excellent communication skills, both verbal and written
• Ability to build strong and lasting working relationships
• Direct security monitoring and response experience
• Must have Industry certifications (CEH, GIAC, CISSP)
• Professional personality and comfortable speaking to internal shareholders and executives
• Possess a strong work ethic and team player mentality
• Highly developed sense of integrity
• Strong detail orientation and listening skills
• Strong decision-making and analytical abilities

Qualifications: BS in Telecommunications with 7 years of Experience

• Experience and knowledge of security platforms and systems
• Familiarity with SIEMs, MDR and EDR
• Understanding of security frameworks and best practices
• Understanding of cloud environments
• Basic understanding of the OSI model
• Understanding of basic security concepts
• Experience in role-based security designs
• Experience with SAP GRC
• Strong logical and analytical thinker
• Able to find root causes of problems and quickly determine efficient solutions
• Strong verbal and written communication skills
• Ability to work well with a diverse team to deliver the best solutions

Qualifications: BS in Computer Forensics with 4 years of Experience

• Professional experience in the IT security environment
• Experience with security requirements within the Defense and Military sectors
• Very good knowledge of IT security regulations and standards (e.g., ISO27001, BSI, NIST, FIPS)
• Certification as CISA, CISSP, CISM, TISP, ITIL or comparable IT certificates in the security environment
• Strong conceptual and process-oriented approach
• Very good communication skills and ability to work in a team
• Experience in information security
• Proficient with MAC, Windows, and Ubuntu
• Experienced with penetration testing and techniques
• Ability to identify and mitigate network vulnerabilities
• Understand patch management
• Knowledge of firewalls, antivirus and IDPS concepts
• Experienced in installing security software and documenting security issues

Qualifications: BS in Internet of Things with 5 years of Experience

• Direct hands-on working knowledge with a variety of Security tools
• Solid understanding of standard business processes including Change Management, Problem Management, Work Prioritization, Quality Assurance, and Continuous Improvement best practices
• Experience in using scripting languages to automate tasks and manipulate data 
• Self-motivated to be well-informed of emerging security products, services, and standards to recommend appropriate tech and processes that move forward the continuous improvement of the firm's security posture
• Ability to work in a fast-paced, complex environment, ability to multitask, change direction, effectively prioritize, and meet deadlines
• Ability to work effectively and optimistically with both local and remote staff, teammates and managers
• Strong verbal and written communication skills
• Ability and desire to share appropriate knowledge and experience with others

Qualifications: BA in Technology Management with 3 years of Experience

• Must have certifications in a related discipline (e.g., CEH)
• Excellent organization and time management skills
• Familiarity with working with offensive security tools and frameworks, and understanding how they work
• Experience with performing web application security assessments using automated and manual tooling
• Excellent verbal and written communication skills 
• Able to explain why something is happening and also what can be done to address/mitigate an issue
• Experience drafting technical documentation
• Experience in cybersecurity including security advising, security assessment, security architecture, andor security engineering
• Understanding of Cloud (AWS or Azure) architecture and services and implications to security
• Demonstrated ability to explain complex IT and data-related issues to non-expert, non-IT staff and management in a manner that allows clear comprehension of the risk implications
• Deep collaboration and influencing skills
• Excellent consultative skills and the demonstrable ability to work effectively with business partners, internal management and staff, vendors and consultants
• Strong critical thinking, analytic and problem-solving skills
• Meaningful industry certifications such as AWS Security Specialty, Azure Security Engineer Associate, CISSP, CRISC, and/or CCSP

Qualifications: BS in Computer Programming with 7 years of Experience

• Experience with managing IAM operations
• Experience with OS (Windows / Linux)
• Experience with cloud services (Azure / AWS)
• Basic coding skills for task automation (VB script, bash script, Perl script, PowerShell, Java, or Python)
• Driven, self-motivated and able to work independently
• Proven experience in one or more of the following functional areas: Level 1 Operational / Technical Support for Enterprise Software Systems
• Familiar with CompTIA A+ and ITIL concepts
• Proven experience with managing Active Directory (on-premise and Azure)
• Proven experience with O365 admin tools
• Experience with monitoring tools (Zabbix/Kibana) 
• Basic understanding and knowledge of Networking and SQL 
• Experience with ITSM integrations (process improvement and methodologies)

Qualifications: BS in Information Technology with 4 years of Experience

• Working knowledge of Windows, Linux/Unix tools, architecture, and security configurations/monitoring techniques
• Good Experience in handling agent-based software in end-points (security-based)
• Technical experience working with advanced threat detection solutions
• Experience in managing Docker/Containers
• Must have scripting knowledge in Python/PowerShell, other automation tools, REST API, etc
• Good understanding of SQL, experience in creating dashboards
• Experience in handling security incidents and responses
• Strong troubleshooting expertise

Qualifications: BA in Cybersecurity Management with 2 years of Experience

• Must have excellent communication (English)
• Deep knowledge in at least two Operating Systems (Windows, Linux and macOS)
• Excellent understanding of network, web, authentication, cryptography and security protocols
• Including tools used to perform their analysis
• Exposure to scripting languages (Bash, Python, PowerShell)
• Good knowledge in general security principles and best practices, and how to leverage them in a global, financial and regulated environment
• Experience in information technology and information security
• Familiar with CIS, SOC 2, PCI, NIST, CCPA, etc
• Familiar with business impact analysis, business continuity and disaster recovery plans and testing

Qualifications: BA in Information Systems with 3 years of Experience

• Experience working with and securing IT infrastructure components and services (e.g., networks, storage, applications, directory services, databases, web services, cloud/virtualization services etc.)
• Experience drafting and reviewing technical and/or standards/guidance documents
• Experience implementing security requirements in IT systems
• Experience advising, briefing or training employees at all levels
• Experience working with government policies on IT security (e.g., PGS, MITS, ITSDs, ITSG, etc.)
• Experience working with IT risk management processes (SOS, TRA/Security Review, and C&A/SA&A)
• Experience working with and/or supporting Security Information and Event Management systems (ArcSight, ELK stack, Splunk, etc.)
• Experience with forensic analysis of IT hardware and software
• Experience with developing scripts on various systems
• Very strong experience using business intelligence and analytics tools for reporting metrics, creating and maintaining dashboards
• Strong knowledge of business practices and processes for asset, patch and change management
• Experience in hardening and diagnosing IT systems (applications, middleware, database)
• Experience leading small IT projects or sub-teams and knowledge of IT project management
• Strong problem-solving and analysis ability
• Excellent communication skills (written and verbal)
• Ability to work with remote project teams

Qualifications: BS in Information Assurance with 9 years of Experience

• Demonstrable experience in supporting business and technical areas to identify high-quality resolutions to control concerns
• Experience in Vulnerability Management and or Cloud/Container environments
• Excellent time management and organizational skills
• Understands and can articulate the business context/significance of vulnerabilities
• Knowledge of Cyber Policy and Standards and can convey requirements to others
• Demonstrates ability to solve complex problems
• Strong customer service orientation
• Ability to plan and implement projects on time and within budget
• Strong analytical and problem-solving skills
• Experience in hospitality, especially in restaurants
• Certifications in relevant Microsoft, server and security areas 

Qualifications: BS in Cyber Operations with 4 years of Experience

• Experience should have an emphasis on web applications, network, and computer security
• Detailed understanding of Web application, network, and computer security assessments
• Demonstrated ability to analyze, triage, and escalate security vulnerabilities
• Familiarity with various defensive and offensive security tool sets
• Familiarity with mobile security 
• Experience working in a large, global, and complex environment
• Ability to communicate information security-related risks, concepts, and situations to a nontechnical audience
• Passion for the field of computer and network security
• Must have fluent in English, German 

Qualifications: BS in Data Science with 3 years of Experience

• Understanding of IT risks, controls and mitigation techniques
• Expertise with vulnerability scanning techniques
• Excellent attention to detail
• Good knowledge of ITIL processes
• Understanding of network/directory technologies
• Certified in CompTIA Security+, GIAC Information Security Fundamentals, CISSP 
• Proven analytical and problem-solving abilities
• Ability to effectively prioritize and execute tasks in a high-pressure environment
• Good written, oral, and interpersonal communication skills
• Ability to conduct research into IT security issues and products
• Ability to present ideas in business-friendly and user-friendly language
• Highly self-motivated and directed
• Team-oriented and skilled in working within a collaborative environment

Qualifications: BS in Electrical Engineering with 5 years of Experience

• Working experience in commercial 
• Must have IT or Information Security courses or certifications such as Security+ / CISA / SSCP
• Exceptional analytical, reading, writing, and communication skills
• Able to be meticulous about all assigned related tasks and attentive to details
• Understanding to nature of malware, viruses, worms, and Trojans
• Basic understanding of tiered application structure and security
• Basic understanding of HTTPS/TLS, TCP/IP, networking concepts, and services such as SMTP, DNS, NTP, FTP, and SNMP
• Proficient in using the modern Microsoft Office Suite
• Ability to work under minimal supervision
• Familiarity with SOC 2-related compliance
• Must have organizational skills and project management experience

Qualifications: BA in Computer Information Systems with 4 years of Experience

• Security monitoring experience with one or more SIEM technologies such as Splunk, IBM QRadar, LogRhythm
• Knowledge of digital investigations including computer forensics, network forensics, malware analysis and memory analysis
• Ability to analyse data, such as logs or packet captures, from various sources within the enterprise and conclude past and future security incidents
• Knowledge of IT including multiple operating systems and system administration skills (Windows, Solaris, Unix)
• Understanding of security incident management, malware management and vulnerability management processes
• Understand information security and computer systems concepts and should be ready to work on 24/7 shifts
• Experience working in an information security capacity
• Strong interest in cybersecurity and technology
• Knowledge of cloud security or services, especially Azure
• Knowledge of Office 365
• Awareness of the importance of business continuity and disaster planning, including its testing
• Awareness of IT security measures
• Awareness of certifications and standards such as Cyber Essentials, ISO 27001, ISO 22301 and/or NIST controls

Qualifications: BS in Cloud Computing with 7 years of Experience

• Strong analytical and problem-solving skills
• Ability to investigate problems and find an ideal solution
• Must be able to communicate at different levels of the organization to explain complex security policies and protocols
• Strong background in Security Technology
• Vast knowledge of information security technology such as network firewall, application firewall, penetration testing, vulnerability scans, security logging, etc.
• Experience in security analysis/system monitoring
• Experience in different security domains (e.g., application security, vulnerability management, security monitoring, pen testing)
• Proven hands-on experience in security monitoring or security analysis
• Technical knowledge in the areas of application, operating system and network security
• Knowledge in system administration
• Certifications or an advanced profile for endpoint management solutions 

Qualifications: BA in Information Security and Risk Management with 6 years of Experience

• Ability to spot and assess security risk wherever it may exist
• Excellent decision-making skills
• Ability to analyse a situation and identify the best course of action
• Basic understanding of security threats and compromise methods would be useful as would some basic understanding of server, client and network technologies
• Ability to communicate effectively, both verbally and in writing
• Practical knowledge of defensive security tools 
• Working in an IT outsourced environment
• Working in an IT service desk environment
• Experience updating and maintaining Information Security policies, standards, procedures, and other related documents
• Experience performing and documenting information security risk assessments
• Experience identifying and supporting business information security requirements
• Experience deploying and monitoring a wide range of technical security controls
• Experience drafting and disseminating Information Security operational metrics and management reports

Qualifications: BS in Computer Networks and Security with 5 years of Experience