This individual will act as the "front line defense" by ensuring that security alerts are reviewed, remediated, or escalated with appropriate urgency and that all response actions are documented accurately. This is a fundamental role in protecting the information assets of the organization by effectively identifying and responding to potential indicators of compromise or attack.

Responsibilities and Duties

• Enforce policy, guidance, and training requirements according to Best Business Practices (BBPs)
• Ensure implementation of system updates, reporting, and compliance procedures
• Ensure users meet the requisite favorable security investigations, clearances, authorization, need-to-know, and security responsibilities before granting access to the TMC information
• Ensure users receive initial and annual Cyber Security Awareness training, as well as troubleshoot issues and repair systems
• Ensure log files and audits are maintained and reviewed for all systems and that authentication (for example, password) policies are audited for compliance
• Prepare, distribute, and maintain security plans
• Review and evaluate the effects on security of system changes
• Ensure that all systems within their area of responsibility are certified, accredited, and reaccredited
• Ensure system recovery processes are monitored and that security features and procedures are properly restored
• Maintain a current software inventory and ensure security-related documentation is current and accessible to properly authorized individuals
• Monitor alerts, detections, or other indicators of compromise/attack from a variety of information security solutions
• Investigate, contain, eradicate, and/or escalate security detections as appropriate
• Document and generate reports of detections and response actions for review by management and other stakeholders
• Assist in the analysis of vulnerabilities
• Monitor security platforms' health for errors, misconfigurations, or performance alerts
• Leverage the SIEM platform by creating and executing search queries, dashboards, and alerts to identify threats and assist in investigations
• Support end-users' and other stakeholders' requests related to information security services
• Perform control testing and other risk management activities
• Provide information in response to assessments and audits
• Maintain an understanding of the systems, solutions, and technologies deployed on the ITS network

Qualifications and Skills

• 10 years' experience in Information Security and/or Information Technology in an operations or support role
• At least 5 years' prior experience in an information security incident response role, including experience troubleshooting and/or securing computer systems and networks
• Experience with SIEM platforms
• Experience reviewing logs, scripting tasks, or creating structured queries/regex searches
• Familiarity with Cisco security products and operational practices
• VOIP and QOS knowledge is a plus
• Awareness of Information Security best practices and regulatory requirements
• Bachelor's degree in Computer Science, IS, or Information Security a plus
• CISSP, CISM, GIAC, and/or similar certifications a plus
• Strong professional communication skills, both verbal and written
• Strong understanding of computer systems and networking principles
• Strong analytical skills and strong knowledge of data analysis tools
• Ability to parse logs, create queries, and perform root cause analysis of events
• Programming/scripting skills are a plus
from Up Nashville https://ift.tt/3xd394m
via IFTTT