IT Security Systems Admin
The position is responsible for the day-to-day operations of the in-place security solutions and the identification, investigation and resolution of security breaches detected by those systems. Main duties include designing, implementing, monitoring and maintaining security systems and hardware, security planning/integration, ensuring that all systems are safeguarded against all forms of malicious intrusions, assisting other groups within the firm in developing secure systems and troubleshooting security anomalies with web proxy and secure emails.
- Ensure utilization of appropriate and effective authentication, encryption, and intrusion detection methods.
- Monitor logs looking for trends and security threats.
- Determine appropriate data feeds into Splunk and design Splunk queries.
- Participate in the review and analysis of internal applications and projects and external connectivity issues that impact security.
- Conduct vulnerability scans and develop security strategies based on results.
- Participate in the design of, implement, monitor and maintain security systems and hardware including Firewalls, Data Loss Prevention, Intrusion Prevention Systems and Network Access Control systems.
- Participate in the design of and support of DMZ security controls.
- Participate in the design of hardening procedures for network devices including servers and desktops.
- Keep abreast of emerging security technologies and threats to make appropriate recommendations regarding implementations and mitigation strategies.
- Three or more years of experience in technical information systems positions, with at least 2 years’ experience in a pure information security position (firewall administrator, IDS administrator, penetration tester, etc.).
- In-depth understanding of IP networking, networking protocols, network segmentation and security-related technologies. These include encryption, IPSEC, PKI, RADIUS, VPNs, web application and traditional firewalls, proxy servers, Data Loss Prevention, change management monitoring, database activity monitoring, DNS, PGP, SSL, code signing, digital signature and digital rights management.
- Experience with Imperva SecureSphere, Varonis DatAlert, Forcepoint products and Splunk is a plus.
- Experience with information security policies, intrusion response procedures, disaster recovery procedures, risk analysis and significant experience administering the operations of a complex security infrastructure.
- Working knowledge of Microsoft technologies.
- Excellent analytical, troubleshooting & interpersonal skills.
- Strong verbal and written communication skills.
- Ability to work in a team environment.
- CISSP or equivalent certification is preferred.
Endevis, LLC. and all companies represented are Equal Opportunity Employers and do not discriminate against any employee or applicant for employment because of age, race, color, sex, religion, national origin, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state or local protected class.