Information Security Specialist

Information Security Specialist at Harris Computer

The Harris Corporate IT Team is looking for an Information Security Specialist to join our team! You will be involved in evaluating, developing, and implementing security tools, standards, procedures, and guidelines for multiple platforms across diverse systems environments as needed.

As an Information Security Specialist, you will leverage your broad expertise in access control management, cybersecurity, vulnerability management, risk management, incident management, security frameworks, and other areas to provide robust security support for the Harris group of companies.

This position requires communication with the Corporate IT team, customer’s IT representatives, Managed Security Services, and other relevant parties as necessary.

What Your Impact Will Be

• Responsible for cloud security controls, processes, architecture consultation, design, and monitoring.
• Responsible for overall access control management, including auditing current access controls for risks, recommending improvements, and tracking remediation.
• Responsible for conducting risk assessments against various regulatory compliances such as HIPAA, PCI.
• Responsible for the installation, maintenance, and monitoring of security tools to protect systems and data.
• Performs vulnerability scanning for network devices, applications, and databases to identify weaknesses.
• Analyzes and assesses security incidents, escalating them by following the incident plan.
• Develops and maintains standard practices and procedures for appropriate response to identified threats.
• Manages and analyzes security information and event management (SIEM) tools and services to identify and respond to events as appropriate.
• Assesses potential risks and vulnerabilities to develop baselines and assist with response to deviations.
• Performs risk and security assessments of applications, databases, servers, and supporting network technologies like routers, switches, and access points.
• Works with IT teams to solve information security system problems and issues in a timely and accurate manner.
• Monitors activities and events to detect, classify, and act upon anomalous behavior appropriately in a timely manner.
• Develops and executes corrective action and remediation plans for identified issues, risks, or vulnerabilities.
• Assesses emerging technologies against security architecture to determine where they fill gaps, overlap with existing solutions, or extend capabilities.
• Participates in annual security audits, incident response exercises, security reporting, audit, and compliance support.
• Works with the Information Security Officer to provide security incident escalation support and remediate security issues.
• Performs reviews and assessments of security controls before hardware/software is migrated to production.

What We Are Looking For

• Minimum of 5 years experience as a Security Analyst with experience leading security projects.
• Minimum of 5-7 years experience as a System Administrator (Unix/Windows) or Network Administrator.
• Minimum of 3 years experience in a security operations center and/or system administration role.
• Minimum of 3 years experience in cloud services security.
• Experience presenting security concepts at an executive level.
• Experience leading Incident response and remediation of security incidents.
• Strong networking background.
• Experience in access control and identity management for on-premise and cloud environments.
• Strong understanding of Security Architecture.
• Hands-on experience managing various security tools (e.g., Web Content Filtering, Anti-Malware, Firewalls, Intrusion Protection).
• Ability to write security requirements and design documents.
• Ability to analyze system data, including security and network event logs, web, anti-virus, DLP, syslogs, IPS, and firewall logs.
• Knowledgeable about security controls and processes, vulnerabilities, regulatory and legal changes, and security standards that may impact information security.
• Bachelor’s degree in Computer Science, Information Systems, Network Security Engineering, or related major, or equivalent work experience.

What Will Make You Stand Out

• CISSP, OSCP, GCIH, CCNA, MCSE certifications.

Key skills/competency

• Cloud Security
• Access Control Management
• Vulnerability Management
• Risk Assessments
• Incident Response
• SIEM Tools
• Network Security
• Security Architecture
• System Administration
• Compliance