Senior Security Operations Specialist

Overview

Position Summary:
The primary focus of the Senior Security Operations Specialist is to provide hands-on management,
administration, guidance, and recommendations for all operational Information Security platforms.
This includes working directly with managed service vendors/providers and their staff to
co-administer platforms, handle requests, ensure readiness to engage on priority security
incidents, and manage engagement and contractual expectations. Technical stewardship is expected
for platforms such as (but not limited to) Patch Management, Endpoint Security, Mobile Device
Management, Network and Cloud Security, and AV/AM services. This role is the primary liaison
between Enterprise IT Operations and IT Security and Governance to manage requests and incidents
that involve remediation of operational system risks, and facilitate any auditing activities that
may be driven by IT Governance or Internal Audit. The role also assists other Enterprise IT
Operations members with translating operational risk recommendations into technical action plans.
Maintaining the confidentiality, integrity, and availability of production infrastructures is
paramount.

Values and Behavioral Standards:
To ensure the effective communication and application of company values and behavioral standards,
as stated in our company “Code of Conduct” policy, and to respond appropriately in the event
of any known departure.

Responsibilities

Leadership:

  • Co-manage work units of internal staff and externally sourced services when agreed upon
  • Ensure and/or advocate for appropriate resourcing and skill levels to complete projects and initiatives
  • Negotiate, collaborate, and consult with all company teams and leaders
  • Drive efficient decision making within the IT management team
  • Foster technical and procedural excellence within the IT department for all applicable operational Information Security systems and processes
  • Foster technical knowledge, design, and engineering excellence within the IT department for all applicable operational IT Security systems
  • Ensure systemic problems, sensitive situations, or unresolved requests are escalated and distributed to IT management in a timely manner
  • Manage relationships of partners and vendors to ensure KPIs, SLAs, and terms of the engagement are met and appropriately designed
  • Strong partnership with IT Security & Governance in support of routine tasks, planning, and security incident response activities

Customer and System Support:

  • Provide escalated technical support for IT Security related systems and processes
  • Ensure health checks, upgrades, and patching of operational Information Security systems are executed on a timely basis
  • Formulate operational risk mitigations along with assisting IT Security and Governance in security awareness programs
  • Proactively identify, research and resolve technical problems
  • Troubleshoot a wide range of security issues including architectures, firewalls, electronic data traffic, and network access
  • Monitor and complete tickets in assigned queues
  • Participate in after-hours on-call support
  • Participate in after-hours maintenance
  • Keep IT management apprised of critical issues

Design, Engineering, and Innovation:

  • Evaluate and recommend security products, services, and/or procedures to enhance productivity and effectiveness
  • Collaborate with IT Security and Governance to design, test, and implement secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications
  • Collaborate with IT Security and Governance to research, evaluate and recommend new security tools, techniques, and technologies, and facilitate introducing them to the enterprise in alignment with the enterprise security strategy
  • Contribute to the design, development and implementation of countermeasures, system integration, and tools specific to Cyber and Information Operations
  • Facilitate the acquisition and integration of new technology into the environment
  • Identify and recommend new technology value to the organization
  • Research technical concepts and educate other team members as needed
  • Present research / proposed projects to IT management
  • Participate in technology evaluations
  • Collaborate with other design teams within IT

Monitoring & Optimization:

  • Review automated infrastructure monitoring systems and escalate appropriately
  • Provide capacity planning and keep IT management apprised of system capacity needs
  • Identify improvements to operational capabilities and performance based on best practices
  • Recommend improvements to systems and IT support process
  • Recommend implementation standards
  • Recommend Service Management standards

Documentation & Knowledge Management:

  • Develop quality documentation of technical processes and procedures
  • Document all ticket and project work
  • Ensure documentation is sufficient to yield reproducible results
  • Identify and recommend changes to existing documentation that impact customer support
  • Identify, track, and resolve gaps in existing documentation
  • Lead or assist in policy, security, and compliance documentation efforts when agreed upon

Project Delivery:

  • Track and complete assigned IT projects
  • Complete tasks in a timely and quality fashion
  • Adhere to implementation, quality control, and change control standards
  • Keep IT management apprised of risks to project success
  • Ensure that projects are delivered on-time, within scope and within budget
  • Coordinate internal resources and 3rd party/vendors for efficient execution

Qualifications

Required Qualifications:

  • Bachelor’s degree or equivalent certification in computer science, cyber security, information technology, or related technical field
  • 5-7 years of proven networking or systems information security focused experience
  • Experience managing IT Security operations engagements with Managed Service Providers (MSP) or Managed Service Vendors (MSV), both for day-to-day run operations and projects
  • Ability to translate technical security concepts into lay terms
  • Comfort with presenting in front of technical and non-technical audiences
  • Experience working in a team-oriented, collaborative environment
  • Demonstrated results orientation, initiative, attention to detail, and customer service orientation
  • Excellent written, verbal and presentation communication skills
  • Strong understanding of the TCP/IP protocol suite, OSI model, IP, UDP, and network services such as DHCP and DNS
  • Subject Matter Competency with standard authentication protocols and multifactor authentication technology
  • Subject Matter Competency with layer 2 and layer 3 networking technology and protocols, routing and switching, SPAN/Tap technology
  • Subject Matter Competency with network device hardening on routers, switches, firewalls, etc.
  • Subject Matter Competency with Windows OS hardening
  • Strong understanding of SSL/TLS
  • Subject Matter Expertise with Intrusion Detection/Prevention technology and writing signatures
  • Subject Matter Competency with Active Directory and Windows OS security
  • Experience administering the following technologies:
      • Firewalling systems from Cisco, CheckPoint, Fortinet
      • Antivirus/antimalware and patch management software
      • Web content filtering / proxy technologies such as Bluecoat, Websense, Zscaler
      • MDM/EMM solutions such as AirWatch/Workspace One, MobileIron, InTune EMS
      • Enterprise disk encryption systems from McAfee, Symantec, Microsoft
      • VPN platforms from Cisco, Juniper, Fortinet
      • Network and WAN optimization systems from Riverbed, Cisco, Silver Peak

Desired Qualifications:

  • Experience managing full-time employee IT security

Job Number: 3414
