Information Security Specialist (Investigations)

OVERVIEW:

You’ll be a member of the Security Operations Team and collaborate with our teams on projects and operational work, as part of our security program to meet Transportation Security Administration Security Directives. This position will work closely with IT&S Compliance and other technical teams. The primary purpose of this position is to ensure Information Technology & Services (IT&S) Department is compliant with state and federal regulations by identifying, evaluating, prioritizing, monitoring, and reporting on the effectiveness of operational controls within Information Technology (IT) and Operational Technology (OT) environments.

Security Monitoring / Incident Response

·         Investigate potential security incidents to determine what occurred

·         Respond to security incidents including leading the response for smaller incidents 

·         Apply client context to potential incidents to better understand potential security incidents 

·         Collaborate with your team and the managed service provider to update incident remediation plans

·         Build and develop the investigative program through collaboration and influence

·         Automate response and investigative functions

·         Provide co-ordination and crisis management between engineering groups and security responders during high severity incidents

·         Develop and report on key performance indicators to show the effectiveness of our security monitoring / incident response processes as well as our managed service provider

·         Make technical decisions about our how we work with our managed service provider

Security Consulting

·         Collaborate on projects to ensure that security issues are addressed throughout the project lifecycle

·         Review system designs and identify areas for security improvements

·         Provide ad hoc consulting on tactical security topics

General

·         Evaluate security risks and their impact to the client

·         Create technical documentation for other analysts and teams

·         Make technical decisions on behalf of the client when working with the managed service provider

·         Develop and track key performance indicators for managed service provider

·         While the security monitoring and incident response responsibilities mean that there is an afterhours component to this role, typically it is less than one hour per week.

Requirements

·         Minimum of six years' IT, industrial control systems, or information security experience.  Additional years’ of knowledge/complexity of assignments/experience required for level 3.  

·         Bachelor's degree or equivalent additional work experience

·         ITIL Foundations certified or successful completion within 90 days of starting

Technical Competency

·         A solid understanding of security priorities and concepts 

·         Technical knowledge of mainstream operating systems, complex applications, identity and access management technologies, security information and event management, or endpoint security solutions.

Occupational Personality

·         You’ll interact with company personnel at various levels to understand business imperatives.

·         Strong technical communication skills will be key to your success. Your written and verbal communication skills will help you succeed, as will your ability to communicate security concepts and situations to audiences with varying levels of familiarity with these concepts.

·         Leadership abilities with the capability to direct other technical staff on security initiatives and guide team members 

·         You’ll get to work with minimal supervision. Strong analytical skills to analyze security requirements and relate them to appropriate security controls.

·         Your ability to manage expectations appropriately will help and build long-term relationships. You’ll remain current with industry trends and evolving threats.