Summary:
- Position is responsible for security incident response, security monitoring and administration, recommending operational enhancements, as well as daily operational activities
- This department functions as an operational control gate in the maintenance of information systems, enforcement of corporate security policies, regulations and industry standards.
Duties:
- Maintain and monitor security applications such as Checkpoint firewall appliances, Symantec antivirus applications, Websense, IDS/IPS, SIEMENS appliances, Quest systems, and other security applications for workstations
- Conduct validation of correctly assigned access control for systems and processes including but not limited to: Active Directory, AS400, EPAS, CTS, ProFinancial, CSC, VPN, CAP, Database access, and Manage My Policy, Quest Password Recovery Manager and Quest Reporting tools
- Update and maintain access control tools including permission and authority matrices, access control reporting databases, log maintenance, etc.
- Detect, report and contain intrusion and information security violations on applications, databases, networks, systems, and Active Directory including participation with corrective procedures and restoration of services
- Perform Service Desk response to security incidents and log into reporting systems within the allotted OLA/SLA agreements
- Review, monitor and analyze security compliance on accounts, applications, databases, networks, systems, and Active Directory; assist with comprehensive log analysis
- Audit compliance of Information Security policies and report findings/status, as well as support external and internal audit efforts
- Conduct vulnerability assessments, patch validations, and security risk assessments
- Assist with forensic-related activities such as image acquisitions and network forensics as directed
- Participate in implementing changes to procedure, policies and systems to enhance system security,
- Assist in the creation, maintenance and validation of documentation for security processes, incident reporting, security awareness, etc.
- Support user account management for high-risk applications such as account creation, account deactivation, and modification of account access authority matrices
- Support security projects and security components in other IT projects and operational tasks, such as metrics reporting compilation
- Monitor and log the use of Information Security hardware, software, and training/technical books
- Communicate security policies, processes and procedures to users
Required:
- Ability to interface with department and corporate customers through effective communication skills
- Working knowledge of information security services involving networks, firewalls, Active Directory, and general information security principles
- Working knowledge of information security theory and practices
- Working knowledge of application, systems, network security administration
- Intermediate level of knowledge of MS Office Suite
- Working knowledge of Microsoft Desktop and Server Operating Systems
- Working knowledge of Incident Response Technologies
- Knowledge of, and the ability to stay abreast of, current security related laws, trends, and emerging technologies
- AA/AS Computer Science, Information Technology or relevant field OR 2 years of relevant experience OR a combination of college education, training and related IT experience equivalent to 2 years of college education
- 3 or more years of IT experience to include (can be simultaneous):
- 1 or more years experience in information security in one or more of the following domains: access control; computer operations security; security architecture and models; or application and system development security; or other related area
- 1 or more years of end-user/customer support of IT systems/networks/devices
- Current certification in one of the following: MCSA, CCNA, MCITP (Server Admin), or CCSA&CCSE or within first year of position start date
- CompTIA’s Security+, within 90 days of position start date
Preferred:
- Bachelor’s degree in computer science, information technology or related field
- 2 or more years experience in information security in one or more of the following domains: Access Control, Computer Operation Security, Network Security, Security Architecture and Models, and or Application and system development security
- Current certification or working towards certification in:
- GIAC Security Essentials Certifications (GSEC), ISC2 SSCP, equivalent or higher
- CCNT, CCNA, CNNA + Security, equivalent or higher
- MCITP (Server Administrator)/MCSA, equivalent or higher
- CCSA, equivalent or higher
- Knowledge and understanding of ITIL and Knowledge of regulatory issues such as SOX, COBIT, PCI, HIPAA
- Understanding of security standards and frameworks [such as ISO 17799]
- Prior insurance industry experience
Have a great day!
Paige O’Hearn
Talent Sourcer
MODIS
10201 Centurion Parkway North, Suite 400
Jacksonville,Florida32256
Direct: (904) 232-4506
Fax: (904) 360-2323
www.linkedin.com/in/paigeohearn
