Senior Information Security Job Description
Senior information security
provides hands on based input of vendor proposals, new and existing security designs, and emerging security technologies and systems.
Senior Information Security Duties & Responsibilities
To write an effective senior information security job description, begin by listing detailed duties, responsibilities and expectations. We have included senior information security job description templates that you can modify and use.
Sample responsibilities for this position include:
Governance, monitoring, and supporting security software/systems that will help ensure compliance with regulatory, industry, and corporate policies and procedures
Perform required tasks for the Access Governance function
Evolves the Identity and Access Management Governance program to keep pace with Rogers' business needs
SIEM Monitoring
Redhat Knowledge
Enforce infrastructure security including Microsoft, Linux/Unix, Workstations, POS terminals
Provide leadership and consulting to multiple interdepartmental security stakeholders including guidance and instruction to ensure compliance with Information Protection Policies governmental and industry regulations
Knowledge of ACH and wire procedures, bank agreements, IT security measures (including anti-virus and anti-malware programs, server and workstation patching, and transaction/network event logging), and insurance
Execution, assessment and remediation of Information Assurance controls
Work with senior stakeholders to ensure that Information Assurance priorities reflect business needs and provide appropriate levels of protection for the business
Senior Information Security Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Senior Information Security
List any licenses or certifications required by the position: CISSP, CISA, SANS, GIAC, CISM, PNSE, CCNA, CE, DOD, OSCP
Education for Senior Information Security
Typically a job would require a certain level of education.
Employers hiring for the senior information security job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Primary Degree in Computer Science, Engineering, Information Security, Technical, Information Technology, Education, Science, Technology, Mathematics, Information Systems
Skills for Senior Information Security
Desired skills for senior information security include:
Instructional systems
Multiple operating platforms
Various software packages
Tools and technologies used for enterprise security
PCI
Firewalls
Governance
Security technologies
Computer forensics
Emerging technologies
Desired experience for senior information security includes:
In-depth experience with various centralized and distributed processing platforms (i.e., OS/390, PCs, HP, SUN, NOVELL, AIX)
Security certification such as CISSP, CISM
Engineers security technology solutions for the company across a range of Information Security areas, such as IDS/IPS, SIEM, firewall, and antivirus
Performs operating system, network and application vulnerability assessments
Certifications such as CCNP, MCSE
The ability to absorb and adapt to new technologies
Senior Information Security Examples
1
Senior Information Security Job Description
Job Description Example
Our innovative and growing company is searching for experienced candidates for the position of senior information security. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for senior information security
- Review security-related technical aspects of proposed key initiatives as part of Corporate Security Solution Assurance Process (CSSAP) sign-off
- Help Cloud Development and Operations, IT Security and Risk Management teams, and the Global Business Unit (GBU) organizations identify specific security-related infrastructure, architecture and design improvements, and work with these delivery organizations to carry them out
- Guide Cloud, IT, major lines of business and GBU security leads in aligning initiatives with corporate information security goals throughout the project life cycle - from inception through implementation
- Building and developing the capability and competency of the IS Project Consultants and Analysts to drive engagement, efficiency and effectiveness of the team
- Manage and perform assessments of information security risks on a regional and local basis
- Assist with control implementation
- Identify potential IT security incidents and perform triage of incoming security threats by performing preliminary and secondary analysis of those events
- Provide analysis and support to include identifying potential threat, anomalies, and infections
- Analyze traffic flows, system logs, Perform risk assessments and testing
- Respond to requests for and perform technical support to end users on a variety of IT and security issues
Qualifications for senior information security
- Requires Bachelor's degree (in field mathematics, telecommunications, electrical engineering, computer engineering, computer science) or equivalent and significant experience with information networks and the security aspects
- Deep knowledge of IT security and Risk disciplines and practices, particularly as it relates to IAM
- Act as spokesperson and expert in information security, risks management and compliance for the Managed Services teams and customers
- Produce and maintain business risk and impact analysis
- Must have experience in rationalizing incoming threat intelligence information and relating it to existing SIEM rules
- Must have programming experience with emphasis on scripting languages such as Perl, Python, PHP, etc
2
Senior Information Security Job Description
Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of senior information security. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for senior information security
- Plan for and manage the implementation of future data integrations, eg Device and Technology data from Service Now
- Manage and maintain the security policy, including
- Work with the EGSO Metrics & Reporting team to ensure that all required data from Archer is transferred securely to any reporting or dashboard systems and that it is timely, accurate and formatted as needed
- Maintain user training materials and publish updates in a timely manner
- Perform a monthly review of EGSO privileged access
- Act as the approver for users needing Archer access for security activities
- Oversee and manage the work of any third parties making updates or changes to the Archer implementation to reduce disruption and impact
- Gather feedback from system users to identify and implement improvements and efficiencies
- Collaborate with Cloud Development and Operations, IT Security and Risk Management teams, and the Global Business Unit (GBU) organizations' on development and maintenance of cloud security reference architecture to include assessment of specific security-related infrastructure, consulting on architecture and design improvements, and working with delivery organizations to carry them out
- Experienced in the ICD 503 RMF process
Qualifications for senior information security
- Knowledge of Risk Management Framework (RMF) security controls
- Certification CISSP, Security+ CE or DoD 8140 equivalent
- Consulting and/or audit services background with a focus on information security and compliance
- Presentation experience with focus on information security topics
- Provide technical leadership, standards and best practices to Technology teams during design, build, configuration and maintenance phases of initiatives/projects involving security tool
- Provide level 3 support to resolve technology incidents involving security tools
3
Senior Information Security Job Description
Job Description Example
Our innovative and growing company is searching for experienced candidates for the position of senior information security. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for senior information security
- Monitor relevant regulatory changes and assist in developing internal controls accordingly
- Administration of an Information Security Awareness Program (training administration and communications management), and
- Provide support in the maintenance and execution of an Incident Response Plan, including monitoring of security controls (event reports, ) and coordination of appropriate response activities
- Perform general administrative duties to support Information Security operations
- Demonstrate understanding of Issuances released by Joint Force Headquarters- DOD Information Networks (JFHQ-DoDIN) and US Cyber Command (USCYBERCOM) and impact on the Agency in order to provide analysis and recommendations
- Analyze the impact of operational decisions on all upward reporting and metrics
- Provide project management support for cybersecurity contract to include identifying stakeholders, producing charters, creating work breakdown structures, establishing meetings in Outlook, conducting meetings, sending agendas, ensuring meeting minutes distributed
- Support day to day operations for enterprise-wide PKI and Identity Protection and Management program in accordance with DoD governing policy
- Perform duties as a DHA Registration Authority (RA)/Local Registration Authority (LRA)
- Provide management support for the DHA Information Assurance Vulnerability Management (IAVM) program, including oversight and management of the Defense Information Systems Agency (DISA) Vulnerability Management System (VMS) and the USCYBERCOM Information Assurance Vulnerability Management (IAVM) system
Qualifications for senior information security
- Mix of security assessment capabilities, audit background is important but emphasis is on Unix (highly preferred)
- Network and/or Mainframe Infrastructure background is an asset
- Ability to communicate effectively, verbally and in writing, with multiple audiences, including the ability to clearly and simply restate complex issues and to edit written materials
- Experience in manually detecting various Web based security vulnerabilities like SQL Injection, Cross Site Scripting (XSS), CSRF and Session Hijacking Threat Modeling of various sector applications
- A general technical knowledge of security and IT related technologies
- Ability to communicate clearly and concisely in verbal, written and electronic form
4
Senior Information Security Job Description
Job Description Example
Our innovative and growing company is hiring for a senior information security. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for senior information security
- Participate in planning efforts to achieve business goals by coordinating the evaluation, deployment, and management of current and future security technologies using a risk-based assessment methodology
- Serve as a senior internal information security consultant to the organization through providing subject matter expertise as it relates to new services, products and projects
- Keep up to date on emerging security trends, new methods and attack vectors frequently used to obtain unauthorized access to data in order to proactively reduce the risk of a possible system breach
- Strong foundational knowledge of static/dynamic code scanning and integration with the SDLC, including working directly with developers for them to understand findings and remediation steps
- Review architectural designs and participate on the Security Architecture Committee
- Detailed technical knowledge of common Application Security Vulnerabilities and flaws including OWASP Top Ten
- Familiar with both Waterfall and Agile development methodologies
- Experience with consulting on numerous complex projects and enabling the business to move forward with the appropriate controls in place or with appropriate mitigations in place to reduce the risk to an acceptable level
- Demonstrated experience in Information Security related to IT controls and project management
- Info Security designations required
Qualifications for senior information security
- Must have database security experience
- OHost IPS and Web content filtering
- OSecurity Information & Event Monitoring (SIEM)
- OTCP/IP, Solaris, UNIX/AiX, Windows Server
- OVirtual Private Networks
- OPacket analysis & inspection
5
Senior Information Security Job Description
Job Description Example
Our innovative and growing company is looking for a senior information security. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for senior information security
- Perform all tasks required including reporting, monitoring, and turnover
- Acts as a security generalist working mainly on incident response/investigation and SOC activities with occasional exposure to GRC policy assessments and vendor questionnaires
- Provides detailed and thorough written analysis results for incidents/events to appropriate parties
- Works closely with Senior Engineers, located onsite in Dallas, who can provide hands-on work with technical projects and mentorship
- Works to define processes, runbooks and automation to insure consistency and efficiency in work effort
- Coordinates with and maintain highly collaborative relationships with vendors
- Collaborates with international SOC teams who are monitoring daily activity
- Work alongside a tactical arm of the team, conducting computer forensic analysis, data recovery, and other IT investigative work
- Analyzes internal & external threat intelligence & applies to proactive cyber hunt activities
- Act as escalation point for security services incidents or complex changes
Qualifications for senior information security
- Knowledge of information systems and reporting operations, accounting procedures and budget management
- Working knowledge of common operating systems (Windows, Linux, ) and basic endpoint security principles
- Knowledge of common networking services and protocols (TCP/IP, SSH, FTP, DNS, DHCP, SMTP, SSL)
- 3+ years of experience in Information Security, Incident Response, (or related field)
- Risk Management Framework experience a plus
- Microsoft and VMware certifications a plus