Information Security Specialist

Job Details Description The Information Security Specialist plays an integral role in helping define and assess the organization's security strategy, architecture and practices.  This position will be required to effectively translate business objectives and risk management strategies into specific security process enabled by security technologies and services. Develop Security Governance Framework & Roadmap Lead creation of security policies and procedures based upon NIST standards Manage the risk posture of the operating environment through executing risk assessments and managing the risks via risk response plans Develop milestones for remediation of risks and manage risk mitigation through incorporating lessons learnt and alignment with internal controls Ensure that security program aligns with the corporate and regulatory governance objectives Implement System Security Standards & Training Monitor and support the implementation of the information security strategy and related projects Determine baseline security configuration standards for operating systems, network segmentation, and identity/access management Develop standards for data protection safeguards, including encryption and tokenization Develop security rulesets for network devices, including firewalls Develop and facilitate delivery of end user awareness training and awareness program Management of Information Risks Allocate security management responsibilities and accountability mechanisms to designated functions Conduct security assessments of internal systems against leading practices and industry standards Conduct vulnerability assessments of systems Document sensitive data flows and determine level of requiredsecurity Facilitate investigation of security incidents and violations of Information Security Policies and Standards Document and communicate security breach response plan Review security and infrastructureevents and logs for indicators of compromise or abnormalities Inventory and maintain proper documentation for all systems, infrastructure and applications for logging Advise for continuous improvement of enterprise security solutions Provide security advice for application and infrastructure projects and the development and selection of security safeguards Review and track changes in threat environment and incorporate reasonable controls into security strategy plans Evaluate contracts and statements of works to ensure adequate security protections are included pursuant to the risks relating to the services offered Conduct security assessments of third-parties and managed services providers B.S. Degree in Computer Science or related field or equivalent work experience in the information security field Security certifications such as CISSP, GIAC, Security+ 3-5 years' experience in a securitysupport role Strong in-depth technical knowledge in information security frameworks, leading practices and industry standards, and information security safeguards w/emphasis on anti-virus, DLP, NAC or MDM. Ability to drive design and implementation of information security capabilities and in integrating those practices with operations Self-starter. Ability to work in fast paced environment being self-motivated. Discipline to follow established methodology while seeking ways to improve processes. Strong effective phone and email communication skills.
Salary Range: NA
Minimum Qualification
Less than 5 years

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.