The Systems Security Administrator performs three core functions for the enterprise.
The first is to ensure the secure operation of the in-house computer systems, servers, and network connections. This includes checking server and firewall logs, scrutinizing network traffic, establishing and updating virus scans, and troubleshooting. The second is to ensure the day-to-day operation of the in-place security solutions, and the third is the identification, investigation and resolution of security breaches detected by those systems. This person will also analyze and resolve security breaches and vulnerability issues in a timely and accurate fashion, and conduct user activity audits where required.
Secondary tasks include involvement in the implementation of new security solutions, participation in the creation and/or maintenance of policies, standards, baselines, guidelines and procedures, as well as conducting vulnerability audits and assessments.
The Systems Security Administrator is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals.
Strategy & Planning
- Participate in the planning and design of enterprise security architecture, under the direction of the Director of Network Operations or appointed representative.
- Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the Director of Network Operations or appointed representative.
- Participate in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan, under the direction of the Director of Network Operations.
- Develop, implement, maintain, and oversee enforcement of policies, procedures and associated plans for system security administration and user system access based on industry-standard best practices.
- Assess need for any security reconfigurations (minor or significant) and execute them as appropriate.
- Keep current with emerging security alerts and issues.
- Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts.
Acquisition & Deployment
- Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
- Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions, in accordance with standard best operating procedures in general and the enterprise’s security documents in particular.
- Interact and negotiate with vendors, outsourcers, and contractors to obtain protection services and products.
- Recommend, schedule, and perform security improvements, upgrades, and/or purchases.
- Maintain up-to-date baselines for the secure configuration and operation of all in-place devices, whether they are under direct control (e.g., security tools) or not (e.g., workstations, servers, network devices, etc.).
- Deploy, manage and maintain all security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software.
- Monitor all in-place security solutions for efficient and appropriate operations.
- Review logs and reports of all in-place devices, whether they are under direct control (e.g., security tools) or not (e.g., workstations, servers, routers, switches, firewalls, intrusion detection systems, etc.), for unusual or suspicious activity. Interpret the activity and its implications, and devise plans for appropriate resolution.
- Recommend, schedule (where appropriate), and apply fixes, security patches, disaster recovery procedures, and any other measures required in the event of a security breach.
- Participate in investigations into problematic activity.
- Design, perform, and/or oversee penetration testing of all systems in order to identify system vulnerabilities.
- Manage and/or provide guidance to junior members of the team.
- Train team members on incident response procedures.
- Provide on-call support for end users for all in-place security solutions.
Formal Education & Certification
- College diploma or university degree in the field of computer science and/or 3 years of equivalent work experience.
- One or more of the following certifications is preferred:
  - CompTIA Security+
  - CHFI Computer Hacking Forensic Investigator
  - CEH Certified Ethical Hacker
  - GIAC Information Security Fundamentals
  - GIAC Security Essentials
  - Associate of (ISC)2
  - CISSP Certified Information Systems Security Professional
  - Microsoft Certified Master (MCM)
Knowledge & Experience
- Extensive experience with Trend Micro products including AV and DLP, Thycotic Secret Server, Qualys ThreatPROTECT, and others.
- Strong experience with Cisco, Brocade and Palo Alto devices and systems.
- Working technical knowledge of Dell SecureWorks Counter Threat Platform and other managed network services.
- Strong understanding of IP, TCP/IP, and other network administration protocols.
- Strong understanding of Windows Server/Workstation, Linux, Cisco, Brocade and other operating systems.
- Familiarity with Microsoft Office suites and other common enterprise applications.
- Intuition and keen instincts to pre-empt attacks.
- Proven high level of analytical and problem-solving abilities.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Ability to conduct research into security issues and products as required.
- Strong written, oral, and interpersonal communication skills.
- Ability to present ideas in business-friendly and user-friendly language.
- Highly self-motivated and self-directed.
- Strong organizational skills.
- Excellent attention to detail.
- Strong understanding of the organization’s goals and objectives.
- Team-oriented and skilled in working within a collaborative environment.
- 40-hour on-site work week with on-call availability.
- Travel may be required.
- Sitting for extended periods of time.
- Sufficient dexterity of hands and fingers to efficiently operate a computer keyboard, mouse, and other computer components.
- Lifting and transporting of moderately heavy objects, such as computers and peripherals.