a. Design, analyze, and manage multiple security and/or access control models in a planned, conscious manner following a defined security lifecycle. Measure and report on the effectiveness of security controls to Corporate Information Security (CIS) leadership, as well as to team members, IT leadership and IT staff. Controls include:
b. Vulnerability Scanning Systems: Ensure that daily scanning of network, system, application and database assets across the enterprise is occurring. Verify that the report results are accurate and report them to IT leaders and technical staff. Lead the work with various IT teams to remediate vulnerabilities.
c. Firewall Rule Analysis System: Review firewall rules to ensure new rules do not cause undue risk. Report findings to Security Architects. Assist project managers, technical staff and business members through the Firewall Request processes. Ensure antivirus is installed across systems in the enterprise.
d. Defines relevant metrics that can be used to report on the efficacy of SecOps controls.
e. Acts as a liaison with the other SecOps functions to ensure IOC and information sharing activities are regularly occurring.
f. Mentors and provides guidance for the other SecOps analysts coordinating with CIS leadership.
g. Security Configuration Hardening Processes: Lead the work with IT technical teams to ensure defined security configurations are applied across the enterprise. Review and update security configurations as appropriate.
h. Interpret information security policies, standards, and other requirements as they relate to a specific internal information system, and assist with the implementation of these and other information security control requirements.
i. Provide guidance and coaching to other Security Operations professionals.
j. Serve as a representative of the security control structure; ensure key methodologies and concepts are applied and documentation is in place to satisfy corporate, department, and internal and external auditor review. Solve complex security issues such as bypassed controls, disrupting security measures and technology changes, and provide a continual balance of applied security safeguards and business usability. Offer high-tier technical information security consulting services to distributed personnel who are responsible for one or more information security systems; these people include Network Administrators, Systems Administrators, Database Administrators and Application Developers.
k. Evaluate information system bug reports, security exploit reports, laws and regulations, and other information security notices issued by information system vendors, government agencies, universities, professional associations, and other organizations, and, as needed, make recommendations to internal management and technical staff to take precautionary steps.
l. Serve as an active member of the Security Incident Response Team (SIRT) and participate in security incident response efforts by, among other things, having an in-depth knowledge of common security exploits, vulnerabilities and countermeasures. Respond to security incidents, advise on risk remediation plans, and provide security reports to the Corporate Information Security management team. Act as a technical consultant on information security incident investigations and forensic technical analysis.
m. Maintain up-to-date, detailed knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. Research and recommend new emerging technologies, techniques and tools that will add value to the organization.
n. Other duties as assigned.