Required Licenses or Certifications:
- One or more of the following certifications:
- Certified Information Systems Security Professional (CISSP) (strongly preferred)
- CompTlA Security+ o GIAC Information Security Fundamentals
- Microsoft Certified Systems Administrator: Security
- Associate of (ISC)2
- ITIL and Project Management certification a plus.
Specific Qualifications, Knowledge, and Skills:
- Experience performing vulnerability scans using Tenable.
- Experience responding to Information Security incidents and events.
- Experience utilizing security software and tools, including (but not limited to):
- CrowdStrike endpoint protection, Microsoft Defender, SIEM (AlienVault preferred) and EnCase.
- Strong command of system administration tools (Windows/Linux)
- Experience with security administration of cloud platforms (Microsoft 365)
- General knowledge of the NIST 800 series standards and the ISO 27001/2 frameworks.
- Demonstrated work experience conducting system security assessments, control analysis, risk assessment, vulnerability assessments or penetration tests.
- Strong understanding of information security threats and vulnerabilities
- Strong understanding of and experience with security-related technologies, systems, and tools
- In-depth understanding and experience with various attack vectors and their effect on technologies.
Required Skills:
- Technical skills proficiency in the following areas: security information event management, network protocols (e.g. TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing
- protocols), system administration, malware (propagation, infection, types), intermediate knowledge of network security controls and technologies (proxy, firewall, IDS/IPS, router/switch, open-source information collection platforms), cryptography, Microsoft Active Directory.
- Proven competency in the use of MS Office applications (Word, Excel, PowerPoint, SharePoint, Teams)
- Strong work habits, time management and self-organization
- Excellent communication skills (verbal/written), including the ability to provide technical reports.
Education & Experience:
- Bachelor's Degree in computer science, information technology, business administration, engineering, or closely-related field and five years of information technology experience with a focus on IT Security, Risk Management, Data Protection or Compliance, OR an equivalent combination of education and experience.
- At least 4 years of systems security and administration experience.
