Beacon Hill Technologies is currently looking for an IT Security Administrator for a client located in Brecksville, Ohio. This is a contract to hire role.
GENERAL DESCRIPTION OF DUTIES
Under direct supervision, the IT Security Administrator performs two core functions. The first responsibility is the day-to-day operations of existing information security solutions. This work includes identifying, investigating and resolving potential security breaches detected by those systems. The second responsibility includes involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments. The IT Security Administrator is expected to be fully aware of the security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals.
EXAMPLES OF ESSENTIAL FUNCTIONS
The list of essential functions, as outlined herein, is intended to be representative of the tasks performed within this classification. It is not necessarily descriptive of any one position in the class. The omission of an essential function does not preclude management from assigning duties not listed herein if such functions are a logical assignment to the position. In addition, this position is required to function in a backup role within the department to ensure the proper operational coverage during periods of staffing shortages.
Strategy & Planning
Ensure management, operational and technical security controls for information systems and facilities align with security plans and security architectures.
Assistant in the delivery of security awareness program and that the program remains current.
Under direction of the. Security Committee, maintain and update the security documents (policies, standards, baselines, guidelines and procedures).
Maintain and update the Business Continuity Plan and Disaster Recovery Plan, where appropriate.
Implement effective corrective action plans (eg, security policies, risk management, review of security controls, rules of behavior, computer security and operations, contingency planning, documentation, training, incident response, and audit trails, etc.) that have been identified by the R.IT.A. Security Committee.
Maintain and update the compliance stance (eg. PCI, IRS Publication 1075, SOC-1) Provide end-user training/knowledge transfer sessions to facilitate peer growth.
IT Security Administrator
Provide strategic planning assistance with respect to security to all areas of the Information Services department (eg. Network, Configuration Management, Help Desk and Development teams)
Acquisition & Deployment
Procures and implements, where applicable, security technology that reduces management, operational or technical risks for all information systems and facilities.
Identifies competitive pricing and alternatives for the security investments.
Maintains up-to-date baselines for the secure configuration and operation of all hardware and software, whether they be under direct control (ie, security tools) or not (ie, workstations, Servers, network devices, etc.).
Ensures secure configurations of all in-place security and operational hardware and software per established baselines.
Reviews and maintains security audit logs and reports of all hardware and software, whether they be under direct control (ie, security tools) or not (ie, workstations, Servers, network devices, etc.). Interprets the implications of that log activity and devises plans for appropriate resolution if activity is the result of a security incident.
Participates and supports management in security related investigations of problematic activity.
Participates in the design and execution of vulnerability assessments, penetration tests and security audits.
Provides level 2 and 3 on-call support for end users for all in-place security solutions.
Monitors and maintains all network and host based Firewalls, intrusion detection/intrusion prevention, authentication services, Internet URL filtering and E-mail filtering systems.
Administers, maintains, and monitors all physical security card key and CCTV systems.
Participates in the planning and design of security architecture, under the direction of the Security Supervisor, where appropriate.
Administers software and equipment service contracts for security hardware and software. Monitors service level agreements of vendor provided services.
Performs the deployment, integration and initial configuration of all new security systems and of any enhancements to existing security solutions in accordance with industry standard best operating procedures and the security documents specifically.
Participates in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the Security Supervisor, where appropriate.
IT Security Administrator
Participates in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan, under the direction of the IT Security Manager, where appropriate.
MINIMUM TRAINING AND EXPERIENCE
Bachelor's degree in information technology or closely related field; supplemented by 2-3 years of hands on experience in medium to large networks or 3-5 years' experience in information security administration; or an equivalent experience with Firewalls, VPN appliances, URL filters, e-mail filtering and anti-virus software; and a working technical knowledge of network and host based intrusion detection and prevention systems, vulnerability identification and scanning software and security event management and correlation software; and a strong understanding of the vulnerabilities associated with TCP/IP and other network and application protocols and vulnerabilities effecting the Microsoft Windows operating system.
Available and interested candidates should apply to this posting or send your resume to (see below)