Job Summary
This position is an experienced, senior level, hands-on technical lead, performing privileged access management (PAM) security functions and PAM maintaining systems, while providing technical guidance to the team. Manages PAM technologies, as well as PAM security policies and procedures, and incident response as needed. Provides technical expertise and support IT management and staff in cybersecurity threat risk assessments, development, testing and the implementation and operation of appropriate information security plans, procedures, and control techniques designed to prevent, minimize or quickly recover from cyber-attacks or other serious events.
Job Responsibilities
Responsibilities include:
• Leads and manages PAM technologies
• Provides technical expertise in threat/risk assessments related to privileged access
• Defines, designs, and implements strategies to protect against emerging threats using PAM tools
• Responds to security incidents as needed
• Performs security reviews on new PAM technologies and changes to existing technologies
• Manages information privileged access management technologies.
Job Specific Qualifications
Required:
• Bachelor's degree in Computer Science, Information Systems, Cyber Security, Math or Engineering and a minimum of 4 years of experience in Information Security; In lieu of a degree, 8 years of experience in Information Security.
• Experience providing technical PAM expertise IT management and staff in cybersecurity threat risk assessments, development, testing and the implementation and operation of appropriate information security plans, procedures, and control techniques designed to prevent, minimize or quickly recover from cyber-attacks or other serious events.
• Must have strong Identity and Access Management (IAM) and PAM experience.
• Must be proficient in defining processes and procedures for PAM.
• Ability to follow cyber security news and alerts, understands complex attack vectors and risks, and identifies and evaluates emergent cyber security threats and vulnerabilities.
• Demonstrated ability to recommend appropriate corrective actions for information security incidents and provides risk mitigation recommendations to management and team.
• Experience with designing process flows to be implemented in security automation tools to automatically respond to threats quickly and effectively.
• Experience with reviewing complex IAM architecture design diagrams and documents for new technologies and changes to existing technologies to determine risks and provide recommendations and mitigations.
• Must be able to work independently with little or no supervision.
• Must demonstrate strong verbal and written communication skills.
• Must demonstrate strong leadership, technical teamwork, and interpersonal skills.
• Ability and willingness to work in strong team environment, constantly teaching and learning from other team members.
• Ability to foster working relationships with the team, IT Management and Client departments.
• Ability to explain technical concepts to the business users in the context of business requirements.
• Must demonstrate technical experience including: information / data / network / computer security design, administration and/or assessment.
• Must demonstrate broad knowledge of information systems including Windows security, network security, systems development, communication networks, security software/hardware and operating systems.
• Experience with key information security technologies such as SIEM, firewalls, intrusion detection/prevention systems, vulnerability assessment, encryption, identity and access control systems, anti-malware, and security event analysis.
• Must demonstrate strong organizational, managerial, and financial management skills.
• Must demonstrate the ability to communicate effectively with both technical and non-technical individuals.• Must have strong planning skills and be results oriented.
• Must demonstrate a solid working knowledge of Information Security principles and practices.
Desired:
• ISC2 Certified Information Systems Security Professional (CISSP) or equivalent
• Programming Experience in Python
NOTE:
• Approximately 5% Travel required