Responsible for managing security-related projects, applications, documentation, and monitoring. In addition, this position will review systems to verify complete and proper security configuration. This position also helps to manage and implement security technologies to ensure that compliance is met within the network and server infrastructure.
ESSENTIAL DUTIES AND RESPONSIBILITIES
- Monitoring, improving and implementing security projects in both the PCI and internal networks
- Continuous monitoring of the security of networks and systems to maintain Nexidia’s security posture
- Documentation, development, and enforcement of policies and procedures.
- Planning and implementing new software deployments and processes
- Perform Penetration and Security testing
- Review switch, firewall, server, and application configurations
- Thorough understanding of information security principles and practices with demonstrated experience including Log monitoring, IPS, and AV solutions.
- Perform comprehensive PCI-DSS, ISO:27001, and HITRUST assessments, IT audits, policy and procedure development.
- Maintain Awareness, Patching, and Vendor security assessment systems
- Develop reports that detail compliance and security gaps including risk severity level, systems impacted, business risk summary, and recommendations that remediate all findings.
- Stay current with security vulnerabilities, tools, and best practices
ADDITIONAL DUTIES AND RESPONSIBILITIES
- Maintain and manage the security training process
- Work with auditors to provide documentation and evidence during audits
- Performs other duties as required
- Understands and adheres to Nexidia compliance standards as they appear in the Employee Handbook, Corporate Compliance Policies, Code of Conduct and Conflict of Interest Policy (as appropriate).
- Stays current with all pertinent federal and state regulations, laws, and policies as they presently exist and as they change or are modified.
VISA SPONSORSHIP NOT CURRENTLY OFFERED.
KNOWLEDGE, SKILLS, AND ABILITIES
- Solid understanding of security frameworks and standards
- Solid understanding of Microsoft Server Operating Systems, Linux Operating Systems, Active Directory, and group policy
- Solid understanding of system and network security including:
  - Firewalls, VPN, SIEM, Audit Tools, Vulnerability and Penetration Testing tools, Antivirus, FIM, IDS/IPS, DLP, Email Security, Wireless, and other Security Tools
- Possess a good understanding of LAN / WAN technologies and protocols including TCP/IP & DNS
- Knowledge and experience with Server 2012 and Server 2016
- Excellent knowledge of security best practices and compliance standards like PCI, ISO:27001, and HIPAA/HITRUST
- Excellent customer service, verbal and written communication skills
EDUCATION AND EXPERIENCE
- Bachelor's degree in computer science, information technology or related field or equivalent work experience. (Typically four years of additional related, progressive work experience would be needed for candidates applying for this position who do not possess a bachelor's degree.)
- Knowledge of and experience with PCI, HITRUST, and ISO 27001: information security management systems and certification preferred.
- A minimum of two years additional directly related technical experience is required.
- Basic understanding of information security.
- Basic knowledge of security principles.
- Knowledge of information technology terms, equipment, systems, functions and major vendors.
- Excellent oral and written communication skills, including presentation skills.