This site uses cookies. To find out more, see our Cookies Policy
Contact Us 877.823.3669

Senior Specialist, Information Security in Washington, DC at SNI Technology

Date Posted: 11/29/2018

Job Snapshot

Job Description



Title:

Senior Specialist, Information Security
Division:
Information Management

Duration:
Continuous
Department:
IT Security & Compliance

Reports to:
Director, IT Security & Compliance
Location:
Washington, D.C.

Position Number:
Status:
Full-time
Exempt

Salary Band:
Supervises Others:
No



Purpose of Division:
Information Management (IM) provides and supports the information technology environment that enables our company to effectively meet the goals of its business units and that of the organization as a whole. Our staff are committed to providing quality products and timely support to meet our company's business goals, while at the same time preserving the security and stability of its corporate network.

Position Summary:
Reporting to the Director of IT Security and Compliance, the Senior Specialist for Information Security provides assistance with safeguarding information assets by identifying and analyzing potential and actual security incidents. This position is responsible for evaluating, monitoring, and implementing information security initiatives and identifying issues in technology, software or services. It is also responsible for analyzing risks and recommending information security improvements for the organization as a whole.



Essential Duties/Responsibilities:
Level of Importance
(1%3Dmost important, 5 %3D least important)

1.
Administering the vulnerability management program. Reviewing and responding to known and possible network attacks, vulnerabilities and alerts.
1

2.
Maintaining and reviewing secure access to program servers, file shares, and security groups.
3

3.
Proficiency performing audit analysis of accounts and process management to include permission lists, organizational changes, separated employees, inactive accounts etc.
1

4.
Developing measures to prevent unauthorized software from being installed and executed on systems.
1

5.
Recommending and supporting the development and management of network security and incident response policies and procedures.
3

6.
Proficiency archiving and reviewing system audit logs and all other pertinent log files that will support incident response activities.
1

7.
Maintaining records on configuration and patch management tools to ensure that patches/system modifications maintain the desired security posture.
2

8.
Developing/revising technical standards for security devices, security operations, and other operations as required.
3

9.
Proficiency developing measures to prevent unauthorized software from being installed and executed on systems.
1

10.
Interacting with information security vendors and holding information security vendors accountable to technology and services obligations to the organization.
3

11.
Ensuring that change control procedures are strictly followed for all changes to all production systems.
2

12.
Proficiency analyzing security incidents and escalation of security events 24x7.
1

13.
Performing other job related duties as assigned.
3


Nature of Work Contacts:
There is regular collaboration within the division and cross divisionally. This position requires willingness to engage with new and changing work contacts on a regular basis, and successfully manage the relationship between the division and all stakeholders.

Fiscal Responsibilities:
Use of travel card.

Required Minimum Qualifications:
(a) Education:
A bachelor's degree.
(b) Experience: At least five (5) years' professional experience in a security operations role, specifically: administering Threat and Security Incident and Event Monitoring (SIEM) solutions; using Application and Network Vulnerability Management software and tools.

An equivalent combination of training, education and experience which provides the above knowledge, skills and technical competencies will be considered.

(c) Licenses, Certifications: One or more of the following certifications are strongly preferred: CISSP, CCSP, CISA, CISM, CRISC, SANS: GIAC, GSEC, GWAPT
(d) Competencies, Knowledge, Skills & Abilities:
1. Strong attention to detail, self-directed with ability to prioritize and coordinate multiple work activities in a fast-paced
environment.
2. Must be able to meet critical deadlines, while working both independently and collaboratively.
4. Strong analytical and problem solving skills.
5. Strong customer service and interpersonal skills.
6. Ability to communicate effectively, verbally and in writing, with multiple audiences, including the ability to clearly and
simply restate complex issues and to edit written materials.

(e) Technology: As stated in section (d).

Preferred Qualifications:
A bachelor's degree in computer science, information security or related field is preferred.

Working Conditions:
(a) Travel:
Up to 10%.
(b) Physical/Sensory Demands: Fast paced working environment, extensive computer usage. Light lifting up to 25 lbs.

Special Provisions:
Occasional work outside of normal business hours is required in order to perform, diagnose and/or implement releases or changes so that normal business operations are not affected. Requires sharing of on-call duties.