Information Security Specialist II

Responsibilities:

• Assess, review and administer firewalls and remote access VPN; Palo Alto PAN-OS experience strongly preferred
• Work closely with cloud IT teams to secure AWS data centers and Kubernetes container environments
• Assist in aligning AWS cloud data centers with security best practices
• Work with Managed Service Provider to address SIEM logging and alerting requirements
• Review escalated security alerts, provide deep investigative support as required
• Manage and perform internal and external vulnerability scanning tests
• Evaluate and manage vulnerability and audit remediation items to ensure timely resolution
• Conduct system baseline validations to identify operating system deficiencies
• Monitor, configure and maintain enterprise security systems, software and devices as required
• Research, demo and recommend new security technologies to help the company stay current with industry trends and best practice security posture recommendations; deploy solutions
• Perform security checks to ensure company data security and policy adherence is in aligned with audit and client requirements
• Foster open communication with internal IT teams to maintain the ongoing relationship as it pertains to enterprise information security
• Keep up to date on security industry best practices, frameworks, standard and trends, pursue relevant security certifications
• Provide proactive feedback to management concerning potential problems and recommendations for improvement.
• Maintain a proactive approach to all information security matters in relation to managing information security-related systems

Requirements:

• Bachelor’s Degree within Information Security, Cyber Security, or Computer Engineering preferred, or related experience and training required
• Two or more of the following security certifications or equivalent experience desired: AWS Certified Cloud Practitioner, AWS Certified Security Specialty, CompTIA Security +, GIAC, Cisco, Palo Alto PCNSA\PCNSE\Network Security Professional\Next-gen Firewall Engineer preferred
• Knowledge of AWS cloud infrastructure, security architectures, and standards
• Knowledge of security best practices and architecture for the Kubernetes container environment
• Ability to be adaptable, flexible, and change activities quickly according to business needs.
• Prior experience in a regulated industry. Experience with SOC 2 preferred.
• Must be critical thinker with strong technical skills with the ability to prioritize and troubleshoot issues, while providing attention to detail in a fast-paced global Information security environment
• Must be able to learn new technology and applications quickly
• Strong understanding of the criticality of Information Security and the impact to internal and external business functions
• Excellent communication and interpersonal skills. Ability to listen, communicate (written and verbal)
• Ability to effectively interact with all staffing levels, both internally and externally.
• Ability to effectively work virtually in a diverse international team in a multi-tasked environment
• Strong attention to detail

Experience:

• At least 3 years of IT Security experience required. Experience in a large enterprise or corporate environment is preferred.
• At least 3 years hands-on experience with a next generation firewalls, Palo Alto preferred
• Knowledge of and commitment to deep learning of Palo Alto PAN-OS is highly desired
• At least 3 years of AWS Cloud computing experience required including hands-on experience with securing AWS components such as IAM, VPC, ALB, EC2, S3, CloudTrail, Route 53, GuardDuty, CloudFront, WAF, Security Groups
• Knowledege of AWS Routing, Transit Gateway, Cloud WAN, BGP
• Knowledge of IaC tools Terraform, CloudFormation
• Knowledge of securing Kubernetes container-based environments
• At least 1 year of experience hands-on experience with a vulnerability management platform, such as such as Qualys or Rapid7, performing scans and providing remediation guidance and tracking
• At least 1 year of experience hands-on experience with a SIEM platform
• Knowledge of security technologies and tools such as MDM, DLP, PAM, vulnerability testing tools, Anti-virus and anti-malware products, next generation firewalls, and other relevant information security related solutions
• Knowledge and understanding of networking, TCP/IP network protocols, ports, concepts and network architecture best practices
• Knowledge of Microsoft Active Directory, Windows Server\Desktop, MacOS, Linux Operating Systems
• Knowledge and understanding Office 365
• Knowledge of AWS Cloud Security Best Practices
• Knowledge and understanding of security frameworks and controls found in NIST 800-53, NIST Cybersecurity framework, PCI, SOC 2, ISO 27001\2, CIS 18