IT Security Specialist - Pearl River, United States - D.F. Young

Description

An experienced information security specialist to design and enforce policies and procedures that protect our organization's computing infrastructure from all forms of security breaches, and to ensure compliance with our mandated government and regulatory standards.

Responsibilities:
Developing and implementing a comprehensive plan to secure our computing network.
Maintaining all information security standards, procedures, and guidelines, including compliance monitoring, procedures, and documentation.
Building and managing the programs supporting existing compliance control activities and initiatives.
Integrating ongoing changes to laws, regulations, and NIST frameworks as required into daily activities.
Ensuring the ongoing integration of information security with business strategies and privacy requirements.
Performing and managing the security audit program to assess effectiveness of policies and procedures and systems security safeguards.

Analyzing application security needs based on the sensitivity or confidential nature of the data and implement security structure to support the data security needs of systems being developed or enhanced.

Working with senior management to determine acceptable levels of security risk for the agency.
Conducting technical risk assessments, application security reviews, and coordinating network penetration testing activities.

Providing direction for the physical protection of information systems assets and responding in a timely manner to the misuse or loss of information assets.

Developing emergency procedures for handling security breaches, manage internal communication regarding security and providing estimates of budgetary requirements for security related items and upgrades.

Documenting any security breaches, assessing their damage and coordinating remediation of suspected information security incidents.
Communicating unresolved security exposures, misuse, and noncompliance situations to senior management.

Monitoring the security information and event management (SIEM) system/ MSSP incident reports, Microsoft O365 and Active Directory activity/ access/ security logs.

Managing SIEM (security information and event management) tasks.

Interfacing with project management teams to assess associated project risk exposures and communicate feedback to project teams and senior management regarding risk minimization solutions.

Providing annual and on demand trainings to workforce members to ensure understanding of security requirements and exposures.

Keeping up to date with developments in IT security standards and threats, and changes in legislation and accreditation standards that affect information security.

Qualifications:
Degree in computer science or a technology-related field.
Professional information security certification.

Thorough knowledge of current Federal and State information security laws and regulations as they pertain to safeguarding CUI & FCI.

Solid knowledge of various information security frameworks.
Excellent problem-solving and analytical skills.
Experience with disaster recovery planning, testing, auditing, risk analysis, business resumption planning and contingency planning
Ability to oversee and conduct internal risk and security assessments, as well as enterprise security management tool evaluations.
Experience with TCP/IP firewalls, VPNs and other security devices
Effective verbal and written communication skills.
Experience in project management and change management.


Benefits:
Life Insurance, 401K Match, Flexible Spending Accounts, Medical, Dental, Vision


About the Company:
DF Young Inc


Company Size:

Headquarters:
Pearl River, NY, US

#J-18808-Ljbffr