Information Security Specialist Job Description
Information Security Specialist Duties & Responsibilities
To write an effective information security specialist job description, begin by listing detailed duties, responsibilities and expectations. We have included information security specialist job description templates that you can modify and use.
Sample responsibilities for this position include:
Information Security Specialist Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Information Security Specialist
List any licenses or certifications required by the position: CISSP, CISM, CISA, SANS, DOD, QSA, PCI, CRISC, ISO, CWAPT
Education for Information Security Specialist
Typically a job would require a certain level of education.
Employers hiring for the information security specialist job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and University Degree in Computer Science, Education, Engineering, Information Security, Information Technology, Information Systems, Technical, Business, Science, Management
Skills for Information Security Specialist
Desired skills for information security specialist include:
Desired experience for information security specialist includes:
Information Security Specialist Examples
Information Security Specialist Job Description
- Recommending short and long term adjustments to controls for immediate and future identification, containment and remediation
- Working closely with other cyber threat analysis entities including local, state, and federal law enforcement organizations, intelligence communities, and other government entities to ensure rapid analysis and adoption of cyber threat intelligence into company detection and prevention systems
- Updating IR process definition and the development and maintenance of documented procedures and techniques, including process integration with managed security service providers, 3rd party vendors, internal IT organizations, and business units
- The IS Architect’s first duty is to gain a comprehensive understanding of the company’s technology and information systems and capabilities
- Manages Information Security’s ELK and Graylog implementations others as necessary
- Relevant Information Security or technical qualifications
- Partner and work with GSO teams to ensure GSO programs are deployed successfully, where applicable
- Maintain IA-CND sensor grid situational awareness from Tier 0 to Tier 2
- Provide event categorization by analyzing the incoming data flow from security devices and searching data for indications of anomalous events
- Lead/conduct theater collaboration for IA-CND planning and operations including, but not limited to email, chat, ticketing and collaboration session communications
- Information Security Accreditation
- Generally 1 - 3 years experience in information security, IT audit, or information technology operations
- Ensure access and verification reports are provisioned from third parties and disseminated to the appropriate approvers within the organization
- Responsible for collecting information from third parties and providing and disseminating the information to the information security department in order to determine if the third party is effectively managing security risk
- Determine the appropriate approach in working with third parties to foster cooperation and collation of security risk information that involves critical facilitation and negotiation
- At least 8 years of relevant working experience in Information Security, IT Audit or IT Risk Assessment
Information Security Specialist Job Description
- Correlate data, analyze security events and respond to alarms using McAfee Security Information and Event Management (SIEM) tools
- You will be asked to perform client facing role which will focus on designing and implementation of security structures to support their information security needs whilst working with different entities in the enterprise to ensure compliance with corporate rules and industry standards
- You will research and Implement information security tools with our competency centers
- Work with leading and emerging information security technologies and standards
- Role requires to discuss and communicate end-to-end security solutions to executives, business sponsors, and technical resources in a clear and concise manner
- Analyze and evaluate security trends, vulnerabilities and provide ongoing feedback to development team for using secure coding best practices
- Provide cost effective security solutions that maximize value to the customer and considers constraints such as budget, timelines, local market, and meeting customer business and security requirements
- Gain insight into customer's business, its security environment, and its challenges in order to propose added value
- Keep updated with emerging security threats and alerts
- You will be able to promote operational efficiency
- General knowledge of risk management processes including internal audit and information security management
- Monitoring Scheduled Tasks like Reconciliation of GroupWise Mailing Services and Active Directory Services, Lifecycle Rules
- Managing Dynamic Roles and groups
- Generating and Managing Reports
- Troubleshooting of errors in day to day work, regarding GW and AD adapters, TDS, TIM, WAS, System Performance
- Integration of RSA and Exchange Server Adapters with TIM is under process
Information Security Specialist Job Description
- Provide level 3 support for a wide range of highly complex information security issues including secure architectures, secure electronic data traffic, network security, and data security and privacy
- Work with different entities in the enterprise to ensure compliance with corporate rules and industry standards
- You will lead ISO 27001 certification process and/or additional requirements such as PCI or privacy requirements
- You will work with executive management to determine acceptable levels of risk for the organization
- Lead and manage strategic security activities in enterprise companies
- Work with multiple teams, from sales to technical during your journey to drive both success and personal development
- Assist in hardening and compliance review of Servers/Client OS (DHS/USGCB, ), Network Devices, and other IT assets
- Perform periodic and AD-Hoc Vulnerability scans
- Assess the scan results, web applications, network configurations, and recommend remediation procedures
- Correctly document, triage, and respond timely to management in the course of daily analysis and response duties
- Strong understanding of large networks and systems and the interaction between applications, infrastructures
- IT / Information Assurance Certification, CISSP, Security +, CAP
- IT Security documentation development and maintenance, SSP, CP, CM
- Ability, drive and motivation to research and provide the right guidance and find possible solutions
- Minimum of 5 years experience as cyber security incident responder or threat intelligence analyst
- Experience with ElasticSearch (ELK) and Graylog
Information Security Specialist Job Description
- Performs security issues including architectures, firewalls, electronic data traffic, and network access
- Involved in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures conducting vulnerability audits and assessments
- Embeds forensic tools and techniques for attack reconstruction, provides engineering recommendations, and resolves integration/testing issues
- Direct the DTEs in the process and confirm all Access Controls of Finance assets are complete to safeguard our information
- Presentation prep on IS to our committees
- Supporting all IS Initiatives
- Participating in access reviews for security events
- Facilitate internal and external, security-related audits and assessments, and ensure successful remediation efforts
- Partner and build cross-functional relationships to help change organizational culture and drive security best practices across the enterprise
- Leads the development of global Information Security risk metrics program to promote consistent information security risk tracking
- Ability to understand the general information technology infrastructure and system inter connections (servers, local area networks (LANs), storage area networks (SANs), virtualization)
- Experience with IT risk management and process improvement
- Typically holds a Bachelor's degree in Computer Science, Information Systems or Business Administration (or equivalent work experience)
- Web and mobile application development experience
- Able to work independently and be a self starter
- An Information Security/Cyber industry standard certification including SANS Certifications including GSEC, GCIH, GSE
Information Security Specialist Job Description
- Provide consultation and advice to partners on a broad range Technology Controls / Information Security programs / policies / standards and incidents for own specialized area
- Define / develop / implement / manage standards, policies, procedures, and solutions that mitigate risk and maximize security, availability of service, efficiency and effectiveness
- Handle & respond to customer’s information security issues and incidents
- Raise overall security awareness for account, define training road map fill competencies required based on needs
- Work with the different organization’s competency teams to create and implement information security policies, procedures and technical measures
- Have good problem solving skills including the ability to anticipate identify problems, use sound judgment to generate and evaluate alternatives, and make recommendations
- Coordinate and interact with government and other contractor staff with technical understanding of systems and applications to ensure the A&A package is complete
- Work with organizational stakeholders, develop an information security strategy, obtain executive support of the strategy and monitor progress against it
- Work with organizational stakeholders, assist the development and support of the information security strategy
- Capability to serve as a security resource to all levels including executive management, department employees, business associates, and external bodies such as state agencies
- Must have knowledge in technology infrastructure security, networking, databases, systems and/or Web operations
- Enhancing Cyber Security and organisation reputation by accepting ownership for accomplishing new and different requests
- Updating job knowledge by tracking and understanding emerging security practices and standards
- An understanding of the need for developing and driving the commercial characteristics of security solutions designing security architecture based on unit cost targets- mandatory
- Demonstrate good influencing, communications, interpersonal and organizational skills
- Must have an associate's degree with minimum of 8 years of experience with U.S. Government security fields (primarily in the area of physical security)