Information Security Senior Job Description
Information Security Senior Duties & Responsibilities
To write an effective information security senior job description, begin by listing detailed duties, responsibilities and expectations. We have included information security senior job description templates that you can modify and use.
Sample responsibilities for this position include:
Information Security Senior Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Information Security Senior
List any licenses or certifications required by the position: CISSP, CISA, SANS, GIAC, CISM, PNSE, CCNA, CE, DOD, OSCP
Education for Information Security Senior
Typically a job would require a certain level of education.
Employers hiring for the information security senior job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Primary Degree in Computer Science, Engineering, Information Security, Technical, Information Technology, Education, Science, Technology, Mathematics, Information Systems
Skills for Information Security Senior
Desired skills for information security senior include:
Desired experience for information security senior includes:
Information Security Senior Examples
Information Security Senior Job Description
- Understand security policies and procedures and assist in enforcing them
- Knowledge of moderately complex information system engineering concepts, practices, and procedures for the solution of technical system problems
- Determine security violations and inefficiencies by conducting periodic audits on accounts and workspaces
- Assist in the development and application of security patterns that would be applied to network, host, application, and data resources
- Work with business units in the implementation of security components and controls into the systems development lifecycle
- Implement Role Based Access Control to ensure compliance to internal policy and current regulatory laws
- Integrate existing access control mechanisms into enterprise authentication and access management toolsets
- Proven experience managing numerous projects and activities simultaneously ensuring the correct priorities are assigned and completed within the constraints of resources
- Proven ability to make decisions based on the given data in a timely fashion
- Configuration, management, and support of various network and host security systems and programs such as Data Loss Prevention (DLP) systems, network Intrusion Prevention Systems (IPS), Security Information and Event Management (SIEM), Host Intrusion Prevention (H-IPS), Application Control, other associated security systems/environments
- Must have strong familiarity with various security solutions including SIEMs, firewalls, web proxies, anti-virus, and DLP working experience with an enterprise SIEM solution
- Must possess a thorough understanding of network protocols, TCP/IP fundamentals
- Must have working experience with packet capture and analysis
- Must have experience working in a SOC and a knowledge of all related SOC processes, including incident response and digital forensics
- Specialist in cyber threats including malware and advanced threats, with in-depth understanding of exploit and attack mechanisms at network and system level
- Deep knowledge of information security principles, techniques and methodologies such as the SANS Top 20 Critical Security Controls and the OWASP Top 10
Information Security Senior Job Description
- Proactively monitor, evaluate, and maintain systems and procedures that safeguard internal information systems, network, databases, and Web-based security
- Develop education and communication security requirements and procedures to users and new employees
- Ability to create and deliver professional security documentation to include training presentations and briefings
- Familiarity with security applications
- Skilled at evaluating and applying Information Assurance Vulnerability Alert (IAVA) mitigation's
- Experienced system administrator for Microsoft Windows operating systems
- Experience with security certificate process, troubleshooting certificate access problems
- Support assessment of our security by our customers, internal, and external auditors
- Supports IT and other areas of the organization by answering technical and procedural questions
- Mentors and partners with less-experience team members
- Determine standards and roadmaps for hardware and software
- Conduct major studies regarding system usage, makes recommendations for improvements, and determine system requirements
- Interface with departments and assess higher profile projects for security risks, identify the potential exposures and present recommendations
- Prepare management reporting of all security engagements and manage workload
- Research, design, and implement security monitoring practices and operationalize these processes across the enterprise
- Direct the review, development, testing and implementation of security plans, products and control techniques
Information Security Senior Job Description
- Establishes standard operating procedures (SOP) for deployed security solutions, interfacing with managed security service providers, incident responses, review and escalation processes
- Oversees analyst I and II team members' operational activities to ensure they follow proper investigative, documentation, evidence preservation, support escalation, and other procedures
- Responsible for developing the maturity of cyber security through NIST based programs, policies, and software implementation designed to ensure that information within the organization is secure and end-user awareness for cyber security is increased
- Identify and implement appropriate tools and technologies to monitor and ensure data is secure
- Oversee IT General Controls and audit programs to ensure SOX compliance and compliance with varying country legislation and future legislation changes
- Responsible for review and approval of all applications and inflow/outflow of data to maintain compliance with security policies
- Responsible for auditing the employees of the organization to ensure compliance of employees again cyber practices with security policies and testing of IT systems to ensure they can withstand penetrations from outside sources
- Responsible for the security and account management for all applications within the organization and key input into business continuity plans
- Lead cross functional cyber security teams with legal, HR, and Internal Audit
- Define company strategy for DLP implementation
- Experience with performing Tier II or higher systems engineering, systems administration, systems integration, or systems security to relevant technologies, including Windows servers, firewalls and routers, or virtual environments
- Actively participate in incident response planning the investigation of security breaches as necessary
- Assists in identifying, reporting and remediating security risks and vulnerabilities
- At least 5 years of experience supporting a multiple customer base system and network environment using Cisco, Symantic, O365 EOP, MXLogic, IIS, Sendmail, Brightmail, EXIM, PGP, Websense, Bluecoat, TMG, Scansafe, ISA, McAfee Web Gatway, Firepower products
- Experience implementing and using various DAM and or SIM tools such as Imperva, Guardium, Audit Vault/Database Firewall and Splunk
- A working knowledge of the various database security features and options available across multiple database environments
Information Security Senior Job Description
- Persistence and the ability to demonstrate tenacity and willingness to go the distance to get something done
- Provide technical guidance and consult on the implementation of Information Security controls
- Analyze, monitor, and escalate security events
- Support the Incident Management Program as required
- Monitor legal and regulatory changes
- Provide security awareness articles as requested
- Ability to work across organizational boundaries to build alignment and drive closure on issues and results
- High personal accountability for self and other
- CISSP, CISM, CRISC or CISA security certifications
- Develop and communicate security strategies and plans to staff, partners, and stakeholders
- ORaw security log analysis
- OData network equipment (Routers, Switches)
- ORouting Protocols (IP, TCP, BGP, OSPF)
- OMicrosoft Windows platforms, SQL server and SMS
- OComputer Forensic methodologies
- OMalware reverse engineering and ethical hacking
Information Security Senior Job Description
- Perform risk assessments and execute tests of data processing environments to ensure compliance with Information Security Policies, Standards, Procedures, and Guidelines
- Review Data Loss Prevention alerts to identify potential data exposures
- Identify changes required for IDS systems and SIEM platform
- Identifying and evaluating Information Security risks and threats
- Confer with business stakeholders to discuss issues pertaining to their compliance needs
- Communicating with Supervisors, Peers, or Subordinates -- Providing information to supervisors and co-workers by telephone, in written form, e-mail, or in person in support of your activities
- This is a global Role, working across functional groups in Europe, Latin America, Asia Pacific and North America
- Should have a good understanding and extensive hands-on experience with various security technologies VPN's, IDS/IPS, end point security solutions (AV, HIPS, and Hard Disk Encryption), strong Authentication products, Security Event Monitoring/Management solution/Log Management Solution, Content Security Gateways (Web/Mail Security Gateways), Scripting solutions
- Up to 5% travel CONUS
- Ability to collaborate with technical and vendor personnel, cloud service providers
- Available off-hours/on-call to handle occasional incidents and escalations
- 6+ years relevant work experience in Information Security or Threat Intelligence, or a related area
- Bachelor's degree or 4 years of equivalent work experience in Information Technology or related area