Information Security Administrator

The Information Security Administrator is responsible for the safeguarding of information system assets and users through the identification and resolution of security risks within the DMP environment. They will utilize their practical expertise to monitor system behaviors, define access privileges and controls, distinguish procedural improvements, administer security systems, and participate in structured audit. This role will assist in maintaining vendor relationships, purchasing, and implementing security tools. There will be a heavy focus on user training to increase cyber awareness.

Qualifications:

• Bachelors in Information Technology, Cyber Security, Computer Science, Systems Administration, Computer Engineering, or related field experience
• 5+ years of previous experience in a cyber security role.
• Certification (CompTIA, CISSP, CISM, CEH,or specialization desired
• High level proficiency with network security techniques and practices and must possess a tenacious approach to network security and discovery of potential risks and problems.
• High level proficiency with DNS and IP routing statements and configuration.
• Sound understanding of operational processes coupled with proven business and analytical skills.
• Ability to manage multiple projects, while ensuring that commitments and timetables are met.
• Ability to partner with internal stakeholders to design operational solutions.
• Goal oriented, forward thinker that can provide solutions for complex technical problems.
• Skill in organizing resources and establishing priorities
• Ability to learn and support new systems and applications.
• Sense of urgency to complete the task at hand.
• Ability to keep information in confidence.
• Strong proficiency at administration of security tools (IDS, IPS, SIEM, DLP, EDR, FIM, MFA, SSO, IAM)
• Familiarity with NIST, GDPR, ISO, PCI and SOX compliance standards.
• Ability to configure security in cloud based architecture (AWS, Azure or GCP)
• Excellent communication skills to include:
  • Composure and confidence for executive customer support role
  • Seeks prompt feedback to ensure accurate communication
  • Active listening to input from client/user/staff/peer
  • Expresses ideas effectively to various organizational levels
  • Communicates in a solution-oriented fashion
  • Accept and benefit from constructive criticism
  • Professional and diplomatic communication skills, verbal and written

Typical Duties and Responsibilities:

• Plans and implements network security, including firewalls, anti-virus solutions, intrusion detection and prevention systems, network application security, managing host security, and file system integrity.
• Investigates, recommends and installs enhancements and operating procedures that optimize network availability and security.
• Provide cyber security guidance as the subject matter expert for IT requests including but not limited to management of virtual systems, software, end users, and hardware.
• Maintain strong vendor relationships to establish standards and efficiencies in issue resolution.
• Maintain established SLAs and develop KPIs in line with daily routines.
• Work with Asset and User Administration to define and execute access controls.
• Work with Systems Administration to configure IT security solutions.
• Monitor network and application performance to identify irregular behaviors.
• Validate Security Controls.
• Proactively search and identify indicators of compromise and anomalous behavior indicative of malicious behavior that has not yet met the event/incident threshold or has not been detected by automated security tools.
• Assess data from multiple sources and navigate the cyber terrain to identify suspicious behavior.
• Obtain data for validating predictive models generated by advanced analytics.
• Augment identification and tracking of incidents.
• Create, update, and document tickets in the authorized ticketing system to initiate the incident response process for any incidents discovered during the continuous hunt; tickets shall contain sufficient information to meet the equivalent ticket created via Tier 1 and Tier 2 and shall include a level of detail sufficient to enable the Government and other contract services to reconstruct the analysis and methodology and any conclusions reached systematically.
• Provide input to the daily Significant Activity Report, the daily Operations Update, and the Weekly Status Report.
• Assessing and validating predictive models as provided by other services to locate potential adversary intrusions and unauthorized activity.
• Run Pen tests.
• Maintain administer Office 365 security tools.
• Establish and maintain regular training for organization regarding security best practices.
• Establishes and performs continual reviews of network security architecture, information security administration, and policy by implementing regular testing procedures to include network penetration testing.
• Perform reviews of network installed software specifically looking for rogue software that is not approved by the DMP IT Department.
• Identifies utilization patterns and their effect on network operation/system availability and performance expectations.
• Documents, maintains, and enhances network security policies related to hardware systems including but not limited to: Local Area Network, Wide Area Network, VPNs, remote servers and Applications.
• Analyzes and troubleshoots the network logs and tracks the nature and resolution of problems; monitors usage to ensure security of data and access privileges.
• Maintain proficiency and stay abreast of all current technology and opportunities concerning IT related hardware and software.
• Maintains confidentiality with regard to the information being processed, stored or accessed by the network.
• Observe and adhere to DMP Data Classification policy.
• Observes company policies. Continuously reviews processes to improve efficiency while maintaining conformance to requirements and fostering effective internal customer relationships.
• May perform related duties or fill in for others in the department or other departments when requested. May train or instruct fellow workers regarding own duties

EOE/Disabled/Vet

Onsite medical clinic for employee, spouse and family members, 18 and under, living at home; Medical, Dental, 401k, Life Insurance, Shot and Long Term Disability, paid vacation/holidays) plus some not so usual (free security system, free UPS shipping), so you don't have worry about self or family