Operational Responsibilities:
Ensure the proper configuration and operation of security-related systems.
Identify configuration or process deficiencies or other technical risk in a complex IT environment.
Work with a multitalented team to generally improve team performance, knowledge, and delivery.
Evaluate vendors and products for procurement.
Perform root cause analysis of complex technical issues and the technical and non-technical business processes that depend on them.
Work with stakeholders to modify processes that may depend on or result in unacceptable IT risk.
Cross-train with other team members ranging from senior technologists to entry-level technologists.
Communicate effectively with colleagues throughout IT and other business areas to reduce IT risk.
Work with multiple stakeholders in a matrix organization.

General Requirements:
10+ years of IT Enterprise operations experience in multiple roles.
3+ years maintaining and securing a large-scale Windows network environment, including working with AD architecture, GPO, PKI, SCCM, LDAP, Kerberos, etc.
2+ years of Security operations experience in a large enterprise environment.
Strong understanding of TCP/IP and firewall operation.
1+ years of SIEM experience (Splunk, Graylog, QRadar, FortiSIEM, ELK, etc.)
1+ year application whitelisting experience (CyberArk EPM, Bit9/CB Protect, etc.)
One or more high-level security certifications (CISSP, CISM, CCSP, CISA, SANS GIAC, etc.)
Able to research complex topics and deliver summaries of findings.
Strong leadership and soft skills.
Strong written and spoken communication skills.
Strong critical thinking skills.
Self-directed and able to work without supervision.
Bachelor's degree in CS, MIS, EE, or a related field from a DOE accredited university or combination of education and equivalent experience.

Highly preferred:
5+ years security operations responsible for multiple tools and technologies
Experience deploying products in a large Enterprise environment
MCITP certification
PowerShell certification
Windows architecture experience
2+ years application whitelisting technologies (CyberArk EPM, Bit9/CB Protect, etc.)
2+ years SIEM experience
2+ years working with non-technical stakeholders
2+ years software development experience in one or more programming languages (C, C++, C#, Python, Ruby, etc.)
2+ years PowerShell scripting experience
CI/CD pipelines
1+ year performing IT risk assessments
CCNA/CCNP certification or equivalent experience
Understanding of MITRE ATT&CK framework
Linux/Unix administration experience (RHEL/CentOS/Kali/FreeBSD, etc.)
Penetration testing experience
Deployment experience in enterprise virtualization environments (VMware, AWS, Azure)
History of security conference attendance, continuing education, or other self-directed professional development

CISSP, Application Security, SIEM Tools