Information Security Specialist IV-Houston
Information Security Analyst
Working under general supervision is responsible for the analysis, design, development, testing, documentation and implementation of information and network security solutions, standards, guidelines and procedures to ensure on-going maintenance and security. Recommends and assists with developing new security strategies and support of existing systems. Coordinates the analysis and design of automated security monitoring and alert systems. Ensures that security programs remain in compliance with relevant laws, regulations and policies to minimize or eliminate risks and audit findings. Performs duties in a safe, efficient manner and in compliance with all applicable rules and safety procedures.
- Progressively safeguards information system assets by identifying and solving potential and actual security problems.
- Recognizes problems by identifying abnormalities, resolving problems and reporting violations utilizing current cyber security tools including: System Incident and Event Management; and Advanced Threat Analytics.
- Assists in investigating and documenting security incidents.
- Assists in developing, publishing and maintaining up-to-date information security standards and guidelines.
- Implements security improvements by executing daily vulnerability system scans, assessing current situations, evaluating trends and anticipating requirements.
- Analyses monthly security patches and ensures that patches are deployed as defined by policy.
- Determines security violations and inefficiencies by conducting periodic audits.
- Upgrades system by implementing and maintaining security controls.
- Keeps management informed by preparing performance reports and communicating system status.
- Relies on experience and judgment to plan and accomplish information security goals and objectives.
- Performs a variety of complicated tasks requiring a wide degree of creativity and latitude.
- Promotes safety awareness and follows safety procedures in an effort to reduce or eliminate accidents.
- Performs other duties as assigned.
- Bachelor’s degree in Information Technology or related field is preferred.
- Minimum five (5) years’ experience with current IT security technologies.
- Experience with PCI, HIPPA, PII and internal/external audits. CobiT, NIST 800 preferred.
- One or more of the following certifications required: CISSP, CISM, CEH, SANS GIAC Security Essentials (GSEC).
- Experience in one or more of the following: MS Active Directory, VMWare Security, LINUX Security, Network Technology, Server & Storage Technology, Network security, Firewall Administration and IDS/IPS Administration.