Overview:
The Infrastructure Security and Network Specialist is a hands-on position responsible for providing technical direction and guidance in the development, implementation and maintenance of the company’s cybersecurity controls in accordance with NIST instructions and guidelines. The Infrastructure Security and Network Specialist will lead the development and implementation of security controls, mentor others in security concepts and ensure secure cloud practices are followed. The position will enable the company to operate expertly, cost-effectively, and within compliance standards and will assist others in interpreting, understanding, and applying information security policies and standards to mitigate information security risks. The Infrastructure Security and Network Specialist will also participate in the greater infrastructure team’s customer support activities.
Key Responsibilities:
- Oversee, evaluate, and support the documentation, validation, assessment, and authorization processes necessary to assure that existing and new information technology systems meet the organization's cybersecurity and risk requirements.
- Ensure appropriate treatment of risk, compliance, and assurance requirements from internal and external perspectives.
- Analyze and develop the integration, testing, operation, and maintenance of system security.
- Develop new and/or enhance existing policies to support organizational cybersecurity initiatives.
- Respond to security events within the pertinent domain to mitigate immediate and potential threats. Use mitigation, response and recovery approaches, as needed, to maximize preservation of information security. Investigate and analyze all relevant response activities.
- Analyze digital evidence and investigate computer security incidents to derive useful information in support of system/network vulnerability mitigation.
- Network Security: Responsible for firewalls, switches, IPS/IDS, proxies, URL filtering, IP whitelisting/blacklisting, geo-fencing, DDoS protection, VPNs, and other security technologies.
- System Security: Responsible for maintaining the existing structure or creating new, secured environments. Requires a thorough knowledge of Microsoft domains, including Active Directory, IIS, DHCP, DNS, Kerberos, Group Policy, scripting, patch management, endpoint management, AV & EDR tools, and SNMP/WMI/Syslog management and monitoring.
- SIEM/SOC Security: Responsible for SIEM tools feeding SOC operations, including ongoing management, tuning, alert thresholds, initial investigation and validation of threats, and building functional reports to relay threat analytics to stakeholders in a digestible format.