- Lead Cyber Security Specialist
- Technology & IT
- Maryland, United States
- Support and deploy systems, information security applications and hardware, and infrastructure components to protect the security of information.
- Provide appropriate training to other security specialists and external customers on developed standards, procedures and guidelines.
- Implement necessary enhancements/updates/upgrades to existing security products.
- Represent Information Security in disaster recovery procedures and exercises.
- Test and report on new technologies, and report security concerns through the creation of security vulnerability assessments.
- Review and approve ACL / firewall change requests. Perform periodic compliance reviews of firewall configurations.
- Serve as lead technical information security coordinator/project lead and as a contributor to cross functional teams for deployment and support of security specific infrastructure to provide information security to the enterprise.
- Provide support and guidance to a team of technically diverse personnel of senior level security specialists and junior level security specialists.
- Design, implement, and integrate security solutions to address enterprise risks and exposures.
Apply technology and processes to ensure the enterprise is protected and secured in the following areas:
- Identity and access management.
- Provide data protection (through the use of technologies such as whole disk encryption, end-to-end email security, public and private key management, data leakage prevention, web applications and source code security, database security, etc.)
- Network devices and infrastructure, desktop/mobile devices and remote access to the network.
- Information governance to ensure data is managed based on its sensitivity, information security policies, guidelines, and standards.
- Perform day-to-day maintenance and address issues and problems associated with security tools.
- Provide general support to the Information Security department in carrying out its assigned functions and responsibilities.
- Provide assistance with audit issues and concerns affecting the Information Security department.
- Interact with other Technical and Operation Support Service teams to develop tactical and strategic programs to address processes, controls, organization and infrastructure to manage information security related concerns and satisfy directives.
- Properly interpret business and technical requirements into security solutions and designs that are consistent with the current information security architecture.
- Implement and assist in enforcement of company security policies.
- Document results of system and application reviews including corrective action taken and security related documentation.
- Assist with reviews of current and new CareFirst systems and applications, including changes to existing applications/systems, to assure compliance with Information Security policies and standards.
- Apply creative thinking in problem solving and identifying opportunities for improvements in security.
- Provide Information Security related recommendations regarding CareFirst infrastructure components (communications network, physical security, data access, computer hardware/software and data confidentiality, integrity, and availability).
- Work with intra/interdepartmental technical and business personnel in a dynamic and varying environment.
- Collaborate with other Information Security specialists, designers, developers, and architects.
- Work with other technical teams in the organization such as IT Operations and IT Applications.
- Share ideas, discuss alternatives, and seek input. Suggest means to decrease vulnerability of systems, applications and processes.
- Maintain familiarity with state of the art concepts, procedures, software and techniques in Information Security in order to be able to effectively assess and develop the CareFirst Information Security environment.
EDUCATION/ POSITION REQUIREMENTS:
Required: College Degree in an Information Security or Technology related field or equivalent experience plus 7+ years related work experience.
The incumbent will possess a high level of expertise in information security concepts, information security policies and system architecture concepts and have experience in process definition, workflow design, and process mapping. In-depth understanding of multiple areas of Information Security such as networking (TCP/IP, OSI model, network protocols), operating system fundamentals (Windows, UNIX, mainframe), security technologies (firewalls, switches, routers, IPSEC, IDS/IPS, etc.), voice technologies (session border controllers, MPLS, VOIP, etc.), authentication technologies (TACACS, RADIUS, etc.), wireless architectures, encryption key management, and mobile device technologies. Also, must have knowledge of vulnerability assessments, privacy assessments, incident response, security policy creation, enterprise security strategies, and governance. The incumbent must also have an ability to quickly and effectively learn Information Security tools in a large, complex multi-platform environment.
Abilities/Skills (candidate should possess most of these):
- Ability to identify and resolve complex issues and develop security solutions to meet business and technology goals.
- Strong written documentation skills and technical writing are required.
- Excellent presentation and verbal communication skills.
- Ability to effectively complete tasks with a minimal level of supervision.
- Experience with the following systems is highly desired:
- F5 LTM, ASM, APM and/or GTM
- Cisco certification such as CCNP Security
- Experience with NetFlow and/or IPFIX
- Experience operating Palo Alto Networks firewalls in a large distributed network
- Experience with ArcSight, QRadar or other SIEM tools
- Experience with Intrusion Prevention technologies
- Experience with Vulnerability identification and management technologies
- Unix, Linux, Web application servers (WebSphere, Apache)
- Virtualization technologies (VMware, VLANS, Hypervisors)
- Encryption technologies and key management
- Professional certification such as CISSP, CISM (lead level only)
- Ability to understand and apply appropriate policies and procedures.
- Basic understanding of SIEM tools and system log analysis.
- Knowledge of ethical hacking techniques and counter attack methodologies.
- Experience working with Information Security tools in a large, complex, multi-platform environment.