Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as, but not limited to:
application firewall alerts
change detection (FIM) alerts
rogue wireless network alerts
security system health alerts
exploit attempt alerts
Participate in and be an integral component of audit, compliance, and regulatory functions, including but not limited to:
Payment Card Industry (PCI) Data Security Standard (DSS)
emerging state and Federal privacy laws
general security auditing
Participate in a vulnerability management program that includes:
external and internal vulnerability scans of applications and systems
external and internal penetration tests of applications and systems
documentation and remediation of identified vulnerabilities and exploits
routinely monitoring various communication avenues for security vulnerabilities and security patches
taking a risk-based approach comparing those security vulnerabilities and security patches across the operating environment
making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities
Coordinate with business units, operations, and technology teams for incident response, remediation, and improvement
Acts as the initial point of contact to facilitate the handling of security incidents and requests, conducts technical investigations resulting in successful root cause analysis of intrusions, and makes real-time decisions about incidents as they occur
Completes audits of system security to ensure compliance with security policies
Evaluate security tools and processes in conjunction with the Director Information Security and the IT team. Recommend improvements to security tools, configurations, processes and policies
Conducts network monitoring and intrusion detection analysis using various tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), Firewalls, and SIEM
Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies
Assist with the development and delivery of information security awareness training programs
Maintain documentation that supports the annual PCI compliance attestation
Provide subject matter expert consultation to 84 Lumber associates on cyber security matters
Knowledge of information security standards and the importance of information security in ensuring ongoing mission-critical business functions
Knowledge of information risk concepts and principles, and relating business needs to security controls
Knowledge of the principles, practices, theories and concepts of information security related to network, workstations, servers, and applications
Bachelor’s degree with 5-7 years of experience in IT with at least 3 years of related, relevant cyber security experience
Security+, SSCP, CISSP or similar certification highly desirable
Must be a team-oriented individual who works well with others and strives towards the group’s overall success.
Self-starter with initiative and drive for continuous improvement.
Demonstrate strong organizational, research, analytical and/or problem-solving skills to evaluate situations, make recommendations and take effective action.
Capable of articulating complex technical concepts or scenarios to both technical and non-technical audiences