Are you a motivated, self-driven independent thinker, passionate about security? Do you thrive on developing innovative solutions to complex security problems? Can you stay ahead of the business with solutions that allow for flexibility while addressing risk? Do you enjoy owning projects, and want to continue to be empowered to get things done? Are you interested in building your breadth by getting your hands dirty across multiple applications? Can you dissect a pcap, filer logs from multiple systems/formats or identify web vulnerabilities from a code or configuration review? Do you want to have fun while working in a fast paced environment?
If this sounds like you, then bring your expertise to our team as a Security Information Specialist.
The Security Information Specialist is a member of the Information Security Engineering team, reporting to the V.P. of Information Security, and is responsible for designing, configuring and monitoring security system infrastructure and hardening systems against threats. As a hands-on technical specialist, the Security Information Specialist will handle complex and detailed technical work necessary to establish and maintain a high level of security for information systems. The Specialist will have broad knowledge in the implementation and use of information security processes and tools (e.g. Encryption solutions, change detection and SEIM tools, gateway systems, mobile and cloud integration, incident response). The position requires a background within an IT discipline in a global enterprise environment such as networking, systems, data bases or application development. The successful candidate needs to enjoy a fast paced, high growth, detail oriented, tight knit team environment where input is valued and success is rewarded.
•Support of global Information Security infrastructure
•Lifecycle management including upgrades, patches, vulnerability management, troubleshooting and system SLA’s. You will need to know when your existing technology and process can be leverage into additional projects to address risk
•Implement and test controls for IT and business systems
•Work with IT and business departments to ensure their systems and code address risk management requirements
•Work with the business and IT to develop or integrate systems while addressing and reducing risk. This includes researching relevant technologies, running proof of concepts, assessing operational costs and making recommendations for deployments
Incident Management 20%
•Bring your area of expertise to our Incident Management process as you will assist or take the lead on assigned Incident cases
•Must be able to work independently demonstrating risk assessment and mitigation expertise in IT or IS, along with a track record owning information security/technology projects from start to finish
•7-10 years (minimum) experience in the field of information security in at least three of the following areas: application whitelisting, incident handling, malware analysis, penetration testing, intrusion detection, firewall access control technologies, vulnerability management, identity management, Windows or *nix security, cloud integration security, encryption technologies, or endpoint security controls
•If total Information Security experience is less than 7 years, 5-7 years in an area of information technology in two of the following areas: systems engineering (Windows/*nix), networking, applications engineering, database management, client-side technologies or systems' administration
•Technical certifications are a plus including:
◦GIAC Certifications in the areas of Windows Security, Incident Response, Forensic Analysis, Auditing, Mobile Device Security, Network Analysis, Malware Analysis from the SANS Institute
◦Networking certifications including CCNP Security
Apply now to bring your expertise to our team as a Security Information Specialist.
FISHER INVESTMENTS IS AN EQUAL OPPORTUNITY EMPLOYER