Lead IT Security Specialist
Two North Ninth Street Lehigh County, PA 18101
- Status: Direct Hire
- Salary: $110,000 - $125,000
- Remote: No
Are you looking to work for a well-known company in the PA area? We have an exciting opportunity while the company experiences growth and is looking to add to their team. The position is titled Lead IT Security Specialist and requires experience in the following areas:
Threat/Vulnerability management (IDS), active defense and response, security analytics, and security incident management.
Data access controls, data loss prevention, data encryption and key management, data privacy and regulatory requirements, and data access audits.
IT Access Mgmt.
Creates and manages the policies, tools, and activities that promote permission-based access to information, identity verification, IDM, user personal information protection, and role management.
In this position, you will have the opportunity to oversee projects, analyze issues and recommend solutions in the following:
- Track and understand emerging security practices and standards by participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations.
- Research information security standards; conduct system security and vulnerability analyses and risk assessments; identify integration issues
- Develop criteria to assess and validate IT security risks
- Assess security system performance by conducting tests (e.g., penetration testing)
- Maintain security by monitoring, ensuring compliance to standards, policies, and procedures; conducting incident response analyses; and conducting training programs
- Upgrade security systems by monitoring the security environment; identifying security gaps; evaluating and implementing enhancements
- Prepare system security reports by collecting, analyzing, and summarizing data and trends
- Assist in resolving security problems through the appropriate choice of error detection and correction, process control and improvement, or process design strategies
- Utilize intrusion detection systems (IDSs) to monitor network systems (LANs, WANs, VPNs, routers, firewalls, and related security and network devices) for indicators of compromise (IOCs)
- Integrate technical, managerial, and financial considerations when sponsoring solutions
Network and Data Security:
- Conduct ongoing review of multiple systems and sources to detect network access, network intrusion, and information integrity compliance risks
- Proactively identify potential network threats and cyber threats, and recommend preemptive remedial actions
- Investigate network security events, conducting root-cause analysis to identify threats for recurring incidents
- Monitor and track incidents related to network access, network intrusion, cyber security, and regulatory compliance
- Troubleshoot, diagnose network problems, and implement corrective action within prescribed guidelines to mitigate impact to business continuity
- Support restoration of secure network services as quickly as possible while limiting business impact
- Assist in minor network or system configuration changes to improve system security and meet regulatory requirements
- Ensure that company systems and data management protocols adhere to regulatory requirements
- Conduct activities related to data loss prevention (DLP), data encryption, key management, data privacy and regulatory requirements, and data access audits
IT Access Management:
- Research, design, and implement Identity and Access Management (IAM) solutions for systems to ensure the appropriate context-based and permission-based security policies are enforced on users and their devices in real time
- Conduct activities pertaining to identity verification, IDM, user personal information protection, and role management
Physical presence in the office/on-site to engage in face-to-face interaction and coordination of work among direct reports and co-workers.
- Bachelor's degree and 7 years of related work experience OR 10 years of related work experience
- Splunk or similar SIEM experience creating searches and understanding how to pivot in the data fields to investigate
- Ability to mine and respond to Indicators of Compromise (IOCs)
- Understanding of the advanced persistent threat (APT) kill chain
- Understanding of hacker/advanced persistent threat (APT) tactics, techniques, and procedures (TTPs)
- Understanding and analysis of event logging from many different devices
- Experience with NIST, NERC CIP, SOX and PCI requirements
- Ability to perform packet analysis
- Understanding of malware and malware behavior
- Proven ability to prioritize and execute tasks
- Highly self-motivated and directed with attention to detail
- Easily adapts to changing circumstances
- Understands business goals and strategic priorities
Additional qualifications desired:
- Master’s Degree
- NERC CIP Compliance Analysis Certification, System Operator Certification, GIAC Critical Infrastructure Protection Security Certification
- Experience supporting fast-changing business organizations
If you or someone you know would be a fit for this opportunity, please contact Talon today! Excellent company perks and benefits available. Referral bonus offered and paid.
If you feel like you are the right fit for the job above, please click the apply online button below and I will be sure to reach out ASAP!