The incumbent should be able to perform all of the following functions at a pace and level of performance consistent with the job performance requirements.
Works with senior engineers and leadership to determine security requirements by evaluating business strategies and needs.
Researches information security standards and conducts system security reviews, vulnerability analyses and risk assessments.
Studies security architecture/platform, identifies integration issues or opportunities, and prepares cost estimates.
Conducts periodic independent security audits including NIST, HIPAA and SOX audits and all internal controls compliance programs. Generates reports as needed from the various security systems to support regulatory compliance.
Investigates known or suspected security incidents and performs thorough threat hunting and remediation using cybersecurity tools.
Responsible for firewall and URL filtering configuration, maintenance, monitoring, and various other security measures.
Configures and maintains VPN connections with remote sites and 3rd parties.
Responsible for Identity and Access Management (IAM).
Responsible for Endpoint Detection and Response administration.
Responsible for securing company email communications.
Runs searches and builds dashboards in company SIEM.
Responsible for security setup, maintenance, and monitoring in Azure/M365 cloud environment.
Conducts training sessions with various audiences and educates users on security policies and consults on security initiatives and issues.
Researches emerging technologies and maintains awareness of current security risks in support of security enhancement and development efforts. Participates in educational opportunities, professional networks, and professional organizations.
Troubleshoots assigned work tickets supporting daily operations and problems as they occur, and provides 24/7 on-call rotation support.