IT Security Specialist at GVA Partners

Job Description

• We are looking for a talented IT Security professional to join a high-performing team that is charged with governing, managing and delivering our company’s cyber security.
• As a Senior Security Specialist, this position will provide the individual an opportunity to help shape the direction of our company’s cyber security programs by providing thought leadership, professional support and valued contributions to a range of activities.
• We are looking for an experienced security professional with strong technical skills across various security technologies, working knowledge of security incident response protocols, and an awareness of emerging cyber threats and trends.
• This position plays a critical role in identifying, protecting, detecting and responding to potential security vulnerabilities, while also providing consultative support for security-related projects.
• The right person will bring passion that promotes continuous learning, and a drive to regularly identify and assess new or emerging capabilities.

Responsibilities
This position is responsible for monitoring and managing preventative security technologies, detecting and responding to possible vulnerabilities, assessing potential risks, and helping to mitigate emerging threats. Specifically, this role is part of a team that is responsible for:

• Shared management of the company’s security technologies, including platforms that support Security Information Event Management (SIEM), Intrusion Prevention, Intrusion Detection, Log Aggregation, Endpoint Detection and Response and Threat Intelligence. Employing the security technologies to continuously monitor the company’s assets, and then taking action to respond to potential vulnerabilities and threats. This work includes reviewing automated alerts, correlating information from various sources, triaging and removing potential malware infections, and applying preventative controls to mitigate risks.
• Interacting and partnering with the Security Operations Center (SOC) team members on incident response activities
• Taking an active role in supporting broader Security Incident Response protocols, including partnering with other technology areas to respond and recover in a coordinated and timely manner. As such, this role requires 24x7 on-call coverage for response to potential security incidents.
• Reviewing security intelligence information and researching emerging threats in order to proactively identify and prevent potential threats.
• Conducting deeper analysis into security logs, network traffic patterns, and correlated information, as a means of ‘hunting’ for advanced persistent threats.
• Supporting technical threat / risk assessments, including Penetration Testing, Vulnerability Scanning, Patch Management, etc.

Qualifications

• Bachelor's Degree in Computer Science, Information Security, Engineering, or related field.
• 6-10 years of work experience in Information Security, and in similar technical roles, such as networking and scripting technologies
• A broad and diverse security skill-set with advanced understanding of modern network security technologies (e.g. Firewalls, Security Information Event Management, Intrusion Prevention, Intrusion Detection, DDoS protections, Log Aggregation, Anti-Virus, etc.).
• Practical experience and knowledge of operating systems (UNIX / Linux / Windows), network communication protocols, application layer security, firewalls, packet analysis and scripting skills.
• Demonstrated experience in effectively partnering across organizational teams, working collaboratively with professionals that support end-user services, network technologies, infrastructure, and applications.
• An ability to identify and assesses the severity and potential impact of threats and communicate assessment findings in a way that consistently drives objective, fact-based decisions.
• Strong decision-making capabilities with a proven ability to weigh relative business impacts against the importance of security measures.
• Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part.
• Organizational skills that enables one to work on several tasks simultaneously, providing management with appropriate insight into the workload and priorities.
• Original and innovative thinking that produces new ideas and creates innovative solutions.
• Demonstrated ability to develop and implement process improvement initiatives.
• Passion around technology and information security with a concerted focus on researching and understanding threats that cover all levels of IT architecture, including those that affect business processes, data, applications, network systems and infrastructure.
• A willingness to continuously learn and develop skills commensurate to this role and other potential growth opportunities within and across the organization.