What are the responsibilities and job description for the Supervisor Information Security position at Shentel?
Shenandoah Telecommunications Company (Shentel) provides broadband services through its high speed, state-of-the-art fiber optic and cable networks to customers in the Mid-Atlantic United States. The Company’s services include: broadband internet, video, and voice; fiber optic Ethernet, wavelength and leasing; and tower colocation leasing. The Company owns an extensive regional network with over 8,300 route miles of fiber. For more information, please visit www.shentel.com.
I. Job Summary:
The Supervisor, Information Security will help lead the security operations and performance of the Information Security program at Shentel while supporting security strategy through continuous review, updating recommendations and fostering adoption by all stakeholders. They will supervise the Information Security operational teams by providing their technical expertise and strategic guidance, as well supporting hiring, training, development, and staff evaluation. The position will also have the responsibility of coordinating cybersecurity activities with Shentel's Service Provider network in addition to the internal applications and network. They will leverage the organization's Incident Response Plan and help lead all responses surrounding security threats while continuously improving detection, response, recovery and vulnerability management activities throughout the organization.
II. Duties and Responsibilities:
a. Will support activities around defining the Information Security program and assist the Information Technology leadership by continuously recommending appropriate evolutions to the program strategy to stay ahead of cybercriminal tactics. Will also regularly provide tactical, technical security advice around new processes, procedures, or technologies that will support the program.
b. Oversee the security operations of the organization including scheduling, duty assignment, and evaluation of performance, and addressing any issues, concerns, or challenges that may arise.
c. The supervisor will train security analysts to use, implement, review, and evaluate events and data to identify threat actors that jeopardize our infrastructure. Will directly and indirectly coach, mentor and grow the analysts to research and respond to attempted or successful efforts to compromise systems and protocols. They will collaborate with team members to coach and shadow on complex opportunities.
d. Help train and educate organization on the security program and threats in the industry. Will include helping support briefings for IT leadership, security steering committees, and executive leadership.
e. Manage risk associated with third-party suppliers including new business solutions, network elements, vendors, and contracted professional services. This will include review and recommendations for new solutions in addition to guiding the application development, services and operations (network infrastructure, help desk, and application support), enterprise project management office, and information security in supplier assessment processes.
f. Provide tactical, technical security advice and examination around cloud security.
g. Work closely with our Sales, Engineering, Operations, Legal, IT Compliance, and IT Leadership teams to define, review, and maintain security policies, controls, procedures, processes and cyber incident response. Regularly test adherence to policies, controls, and procedures.
h. Mentor analysts to create, tune, and optimize alerts within the organization's SIEM and other security tools. Will serve as a technical specialist and escalation point for the security suite of tools.
i. Serve as the team's lead for the analysis and identification of security vulnerabilities in web applications, operating systems, and networks. Including implementation and monitoring of security systems for all irregularities - e.g. failed login attempts, indicators of compromise, abnormal user behavior, etc.
j. Help maintain an information security dashboard for technical operational teams, for IT leadership, and help support the overall information security scorecard. Including appropriate measurement of security program metrics and value-driven KPIs.
k. Development, review, approval, and communication of technical and executive-level reports on the various aspects of the security program, security project portfolio, and security operations.
III. Qualification Requirements:
a. Education: Bachelor’s Degree in Computer Science, Networking Administration, Cyber Security preferred
b. Experience Level: 5-7 years of experience in Information Security, Data Analytics or Security Operations, Splunk or SIEM.
c. 2-3 years of experience as a Senior or Principal Security Analyst / Generalist
d. Licenses or Certifications: CISSP or GISP
e. Preferred Certifications which will also be considered: CEH, GCIH, Security , CCNA Cyber Ops, GWAPT, GPEN, OSCP, OSWE, GSTRT, CHFI, NCSF
IV. Knowledge of:
a. Excellent Verbal communication skills and concise written communication skills
b. Business savvy and an eye for detail with timely execution
c. Ability to develop and analyze complex processes.
d. WSUS Management and Deployment, SCCM Package Building and Maintenance, Windows, Endpoint Protection and Compliance systems, Active Directory, Office 365, SIEM solutions, Penetration/vulnerability test suites and compliance regulations (SOX, PCI, etc.).
e. Understanding of Application Security and the OWASP Top 10 principles.
f. Intimate understanding of security measures and testing at an application level that aim to prevent data or code from being stolen, manipulated, or hijacked.
g. Ability to identify detailed information risk and to apply governance compliance concepts and principles.
h. Excellent capability to develop and document security architecture, assessment, and plans. Including strategic, tactical, and project plans.
i. Experience with mobile device management (MDM)
Shentel provides a drug-free workplace and is an EEO employer. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex (including sexual orientation and gender identity), national origin, disability, or protected Veteran status.
If you require accommodation or assistance to complete the online application process, due to a medical condition or impairment, please contact a HR Representative at 540-984-5241 or employment@emp.shentel.com. When you contact a HR Representative please identify the type of accommodation or assistance you are requesting. We will assist you promptly.
For technical issues with the website, please contact employment@emp.shentel.com.
EEO is the Law and Pay Transparency
I. Job Summary:
The Supervisor, Information Security will help lead the security operations and performance of the Information Security program at Shentel while supporting security strategy through continuous review, updating recommendations and fostering adoption by all stakeholders. They will supervise the Information Security operational teams by providing their technical expertise and strategic guidance, as well supporting hiring, training, development, and staff evaluation. The position will also have the responsibility of coordinating cybersecurity activities with Shentel's Service Provider network in addition to the internal applications and network. They will leverage the organization's Incident Response Plan and help lead all responses surrounding security threats while continuously improving detection, response, recovery and vulnerability management activities throughout the organization.
II. Duties and Responsibilities:
a. Will support activities around defining the Information Security program and assist the Information Technology leadership by continuously recommending appropriate evolutions to the program strategy to stay ahead of cybercriminal tactics. Will also regularly provide tactical, technical security advice around new processes, procedures, or technologies that will support the program.
b. Oversee the security operations of the organization including scheduling, duty assignment, and evaluation of performance, and addressing any issues, concerns, or challenges that may arise.
c. The supervisor will train security analysts to use, implement, review, and evaluate events and data to identify threat actors that jeopardize our infrastructure. Will directly and indirectly coach, mentor and grow the analysts to research and respond to attempted or successful efforts to compromise systems and protocols. They will collaborate with team members to coach and shadow on complex opportunities.
d. Help train and educate organization on the security program and threats in the industry. Will include helping support briefings for IT leadership, security steering committees, and executive leadership.
e. Manage risk associated with third-party suppliers including new business solutions, network elements, vendors, and contracted professional services. This will include review and recommendations for new solutions in addition to guiding the application development, services and operations (network infrastructure, help desk, and application support), enterprise project management office, and information security in supplier assessment processes.
f. Provide tactical, technical security advice and examination around cloud security.
g. Work closely with our Sales, Engineering, Operations, Legal, IT Compliance, and IT Leadership teams to define, review, and maintain security policies, controls, procedures, processes and cyber incident response. Regularly test adherence to policies, controls, and procedures.
h. Mentor analysts to create, tune, and optimize alerts within the organization's SIEM and other security tools. Will serve as a technical specialist and escalation point for the security suite of tools.
i. Serve as the team's lead for the analysis and identification of security vulnerabilities in web applications, operating systems, and networks. Including implementation and monitoring of security systems for all irregularities - e.g. failed login attempts, indicators of compromise, abnormal user behavior, etc.
j. Help maintain an information security dashboard for technical operational teams, for IT leadership, and help support the overall information security scorecard. Including appropriate measurement of security program metrics and value-driven KPIs.
k. Development, review, approval, and communication of technical and executive-level reports on the various aspects of the security program, security project portfolio, and security operations.
III. Qualification Requirements:
a. Education: Bachelor’s Degree in Computer Science, Networking Administration, Cyber Security preferred
b. Experience Level: 5-7 years of experience in Information Security, Data Analytics or Security Operations, Splunk or SIEM.
c. 2-3 years of experience as a Senior or Principal Security Analyst / Generalist
d. Licenses or Certifications: CISSP or GISP
e. Preferred Certifications which will also be considered: CEH, GCIH, Security , CCNA Cyber Ops, GWAPT, GPEN, OSCP, OSWE, GSTRT, CHFI, NCSF
IV. Knowledge of:
a. Excellent Verbal communication skills and concise written communication skills
b. Business savvy and an eye for detail with timely execution
c. Ability to develop and analyze complex processes.
d. WSUS Management and Deployment, SCCM Package Building and Maintenance, Windows, Endpoint Protection and Compliance systems, Active Directory, Office 365, SIEM solutions, Penetration/vulnerability test suites and compliance regulations (SOX, PCI, etc.).
e. Understanding of Application Security and the OWASP Top 10 principles.
f. Intimate understanding of security measures and testing at an application level that aim to prevent data or code from being stolen, manipulated, or hijacked.
g. Ability to identify detailed information risk and to apply governance compliance concepts and principles.
h. Excellent capability to develop and document security architecture, assessment, and plans. Including strategic, tactical, and project plans.
i. Experience with mobile device management (MDM)
Shentel provides a drug-free workplace and is an EEO employer. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex (including sexual orientation and gender identity), national origin, disability, or protected Veteran status.
If you require accommodation or assistance to complete the online application process, due to a medical condition or impairment, please contact a HR Representative at 540-984-5241 or employment@emp.shentel.com. When you contact a HR Representative please identify the type of accommodation or assistance you are requesting. We will assist you promptly.
For technical issues with the website, please contact employment@emp.shentel.com.
EEO is the Law and Pay Transparency
Information Security Specialist
US Defense Technology Security Administration -
Alexandria, VA
Information Systems Security Manager (ISSM) III
P-11 SECURITY -
Arlington, VA
Information Systems Security Officer (ISSO)
Cyber Security Innovations -
Suitland, MD
