â¢ Administers, monitors, and maintains core information security tools including but not limited to Intrusion Detection and Prevention System (IDS / IPS), two factor authentication system, remote access, monitoring and Logging, anti-
virus, encryption, SIEM, forensics.
â¢ Collects and compiles metrics for IT and business reporting. Updates reporting presentations for review by management and presentation to IT and organization wide leadership
â¢ Tracks project activity and representation duties. Alternate InfoSec representative on company projects. Monitors project adherence to security baselines.
Escalates variances to the attention of senior team members.
â¢ Provides IT staff with advice on security architecture objectives and components. Represents Information Security on project teams to ensure compliance with policy and architectural objectives.
Escalates non - compliance to senior team members for resolution.
â¢ Provides Information Security policy awareness and consulting within the Information Security team and across IT.
â¢ Maintains policy library. Tracks policy review according to defined schedule. Escalates concerns over policy review cycle including delays and needs for new policy documents.
Researches, recommends, and implements changes to procedures and systems to enhance data systems security.
â¢ Initial point of contact for vendor requests. Facilitates vendor visits, access requests, and collects sample data to support testing.
â¢ Tracks request for contract reviews to ensure the proper resources are assigned and responses are returned within SLA.
â¢ Monitors, reviews, and coordinates efforts for ensuring adherence to regulatory and external requirements to provide input into audit and customer inquiries.
â¢ Identifies communication requirements based on emerging issues and provides awareness input into annual training program.
Provides ad - hoc security awareness advice across IT.
â¢ Sends and receives Vendor Risk Assessment Questionnaires (VRAQs). Evaluates returns for accuracy and completeness, compiles answers and tracks documents in repository
â¢ Monitors log files and Information Security Systems for threats / risks, vulnerabilities, viruses, and network hacks within the Company environment and generates tickets to address alarms Monitors real-
time policy based monitoring systems and responds to non-compliant activities, events, or notifications.
â¢ Identifies potential threats and respond to security violations. Determines causes of security violations and recommends corrective actions to ensure data security.
Manages incident reporting and tracking site and ensures investigations are assigned for review and closure.
â¢ Tracks, analyzes, and reports the status of legal and regulatory compliance of Information Security policies, procedures, and configurations.
Escalates findings for resolution. Maintains an awareness of regulatory and contractual compliance impacts within IT.
â¢ Reviews and resolves Help Desk trouble tickets. Escalates tickets as necessary to SMEs for resolution. Ensure tickets are being responded to in accordance with established service levels.
â¢Location : BGC
â¢Work schedule : Mid to night shift