Information Security Specialist

About The Position

Requirements

• Bachelor’s degree in Computer Science, CIS, Engineering, Cybersecurity, or related field preferred. High school diploma or GED required.
• 2+ years’ experience working with technical and business teams related to information security
• Ability to analyze general cyber security-related technical problems and provide basic engineering and technical support in solving these problems.
• Familiarity with Azure and Office 365 security suite of tools, to include Microsoft Defender .
• Industry-standard knowledge of activities relating to identity and access management, MDR, SIEM, and least privilege access management.
• Basic understanding of NIST-specific security assessments.
• Aware of the legal, regulatory, and ethical considerations of working with sensitive information
• Proactive, self-motivated, well organized, reliable, and detail-oriented team member
• Ability to communicate across all levels of the organization with strong organizational skills
• Ability to multitask, self-prioritize daily tasks, and experience with task management tools.
• Analytical and critical thinking skills, required
• Any combination of education, training and experience which provides the required knowledge, skills and abilities to perform the essential functions of this job may be considered.

Responsibilities

• Execute day-to-day threat hunting for targeted attacks against multiple environments.
• Work closely with Information Technology’s Director of Data Governance and the Sr. Director of Information Security to make sure identified vulnerabilities are patched and remediated.
• Maintain an understanding of security-related IT policies to assess the effectiveness of controls.
• Facilitate incident remediation including monitoring Data Loss Prevention (DLP) tools and responding to alerts.
• Investigate network threats such as computer viruses, exploits, and malicious attacks to determine true threats, false positives, and network system misconfigurations.
• Monitor potential compromise, intrusion, deficiency, significant event or threat to the security posture and provide solutions to issues.
• Work within the IT department verifying and validating security compliance against corporate standards, regulatory standards, and other industry defined practices.
• Assist with security awareness training of employees, as needed.
• Champion the NIST 800-53 program, documenting policies and procedures as well as performing audits, risk assessments and implementation reviews.
• Update job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; monitoring information security news for emerging threats; and participating in professional organizations.
• Document specific activities, problems solved, and issues resolved.
• Protect our organization by keeping information confidential.
• Collaborate cross-functionally throughout the organization to safeguard sensitive information from potential insider risks and threat actors.
• Develop, update, and maintain policies and other technical documentation
• Establish an environment of high performance and continuous improvement that values learning, a commitment to quality, welcomes and encourages collaboration, and fosters both intra and inter-departmental dialogue and respect.
• Model the type and level of behavior, professionalism and leadership that is in accordance with the values of the organization.
• Perform other related duties as required