Information Security Administrator
Job Description:
Responsibilities:
Performs user and access administration on designated systems and applications, in accordance with the defined policies, standards and procedures of the organization
Performs system security administration on designated technology platforms, including operating systems, applications and network security devices, in accordance with the defined policies, standards and procedures of the organization, as well as with industry best practices and vendor guidelines
Performs installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems
Performs threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities
Applies patches where appropriate and, at the direction of [manager responsible for security administrator], removes or otherwise mitigates known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards
Locates and repairs security problems and failures
Collates security incident and event data to produce monthly exception and management reports
Performs normal and exceptional processing of user access and change requests, escalating such requests when appropriate
Reports unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes
Assists and trains junior team members in the use of security tools, the preparation of security reports and the resolution of security issues
Develops and maintains documentation for security systems and procedures
Researches, recommends, evaluates and implements cybersecurity solutions that identify and/or protect against potential threats, and respond to security violations
Provides guidance to junior members of the team
Qualifications:
Minimum of [2+] years of IT or network security experience:
[1-2] years of experience for a junior security administrator
[3-5] years of experience for a senior security administrator
Bachelor's degree in information systems, or equivalent work experience
Certifications from [list of required vendor certifications].
Certifications from [list of required independent security organizations offering certification] or other certifications at the discretion of [manager responsible for security administrator]
Strong analytical and problem-solving skills to enable effective security incident and problem resolution
Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously
Ability to work well under minimal supervision
Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors and IT-business personnel
Strong written and verbal communication skills
Strong customer/client focus, with the ability to manage expectations appropriately, provide a superior customer/client experience and build long-term relationships
Experience in developing, documenting and maintaining security procedures
Technical Competency
Knowledge of cybersecurity principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management
Technical proficiency with security-related systems and applications, especially [list of technologies used by (company name)]
Experience in developing, documenting and maintaining security procedures
Knowledge of network infrastructure, including routers, switches, firewalls and associated network protocols and concepts
Working technical knowledge of current systems' software, protocols and standards
Strong knowledge of TCP/IP and network administration/protocols
Required Skills:
Network Infrastructure Information Security Network Security Firewalls Escalation Routers Risk Assessment Information Systems Switches Operating Systems Interpersonal Skills Infrastructure Security Vendors Administration Documentation Software Preparation Communication Management