Information Security Specialist - job 1 of 2

The Harris Corporate IT Team is seeking an Information Security Specialist who will participate in evaluating, developing, and implementing security tools, standards, procedures, and guidelines for multiple platforms in diverse systems environments as needed. As the Information Security Specialist will utilize your wide area of expertise in network, cybersecurity, incident management, security frameworks and other areas to provide security support for the Harris group of companies.

You will perform risk analysis and assist in monitoring, tracking, and reporting behaviors and tasks logged by assets (ie, applications, systems, networks) and identified in the risk assessment process to ensure Harris’ network, systems, and data are protected from any potential leaks of information or malicious activities. Routine tasks performing risk assessment of systems and processes, proactively monitoring cybersecurity and information technology infrastructure, including hardware, software, networks, applications and services.

This position will communicate with the Corporate IT team, customer’s IT representatives, Managed Security Services and other appropriate areas, as deemed necessary.

What will be your impact:

• Performs risk and security assessments of applications, databases, and servers and supporting network technologies, such as routers, switches, access points.
• Responsible for security controls, processes and architecture consultation, design and monitoring.
• Responsible for overall access control management including but not limited to auditing current access controls to identify potential risks, making recommendations for improvement in security and tracking remediation.
• Responsible for conducting risk assessments against various regulatory compliance such as HIPAA, PCI, etc.
• Develops and executes corrective action and remediation plans for identified issues, risks or vulnerabilities.
• Performs vulnerability scanning for network devices, applications and databases to identify vulnerabilities.
• Analyzes and assesses security incidents and escalates incidents by following incident plan.
• Responsible for managing and maintaining endpoint protection solution.
• Responsible for managing and maintaining the active directory identity protection solution.
• Develops and maintains standard practices and procedures for appropriate response to identified threats.
• Manage and analyze security information and event management (SIEM) tools and services to identify and respond to events as appropriate.
• Monitors activities and events to detect, classify and act upon anomalous behavior appropriately in a timely manner.
• Responsible for the installation, maintenance and monitoring of security tools to protect systems and data.
• Assesses potential risks and vulnerabilities to develop baselines and assist with response to deviations.
• Works with IT teams to solve information security system problems and issues in a timely and accurate manner.
• Assess emerging technologies against security architecture to determine where they fill gaps, overlap with existing solutions or extend capabilities.
• Participate in annual security audits, incident response exercises, security reporting, audit and compliance support.
• Work with information security team to provide security incident escalation support and remediate security issues.
• Performs reviews and assessments of security controls before hardware/software is migrated to production.

What are we looking for:

• Minimum of 5 years experience in IT Security Risk Management or Security Operations.
• Minimum of 3 years experience in System Administration role
• Minimum of 2 years experience in cloud services security.
• Experience troubleshooting common network devices, network vulnerabilities and network attack patterns
• Experience analyzing IIS, SQL, firewall, IPS/IDS, Windows, SEP, Web, and mail filtering logged events.
• Hands on experience managing an array of security tools (e.g. Web Content Filtering, Malware, Firewalls, Intrusion Protection, etc.)
• Ability to write security requirements and design documents
• Ability to read system data, including, but not limited to, security and network event logs, web, anti-virus, DLP, syslogs, IPS, and firewall logs.
• Knowledge of VMware and VM server platforms
• Knowledgeable about security issues, vulnerabilities, regulatory and legal changes, and security standards that may impact information security
• Bachelor’s degree in Computer Science, Information Systems, Network Security Engineering or related major or equivalent work experience.
• CISSP, CCNA, MCSE certifications would be considered an asset

Job Type: Full-time

Schedule:

• Monday to Friday

Work Location: Remote