Security Specialist II

Overview

This position will support a wide range of security activities for TierPoint’s Information Security Office and the Security Operations Center.  Under the direct supervision of the Senior Director, Security Operations Center, this position provides security assistance through operations, incident response, threat hunting, malware analysis and network/host scanning for vulnerabilities, and system remediation activities.

Responsibilities

• Provide quality internal and external customer service surrounding the Company values.
• Serve customers (both internal and external) with the highest degree of courtesy and professionalism.
• Coordinate security response with other TierPoint managed services teams.
• Assist customers with various tuning security tools.
• Perform daily industry & vendor alert review.
• Coordinate and/or perform vulnerability scans and penetration tests with written reports internal, external, and customer-facing, researching exploit results and mitigation.
• Support Information Security/SOC with implementation, installation, testing, architecture, and development of internal security and other systems including SIEM platforms.
• Assist the Information Security/SOC with internal systems and one-off security solutions including but not limited to operation, maintenance, scheduling, development, architecture, documentation, and delivery.
• Responding to security incidents, customer/internal as required.
• Monitor network, infrastructure, and endpoint for emerging cyber security threat landscape.
• Monitor platforms for violations of the company’s AUP.
• Coordinated work between Compliance and Information Security on policy development and auditing.
• Assists in securing networks, workstations, web servers, and application servers, firewalls, endpoint protection policies, and code analysis to adhere to security best practices.
• Perform Vulnerability scanning of Corporate Assets.
• Response to various DDoS attacks and mitigate/action as needed
• Analyze and diagnose complex web application issues
• Work with Apache, IIS, Tomcat, and possibly other web hosting technologies
• Maintain a high degree of confidentiality
• Other duties as assigned

Qualifications

• Fundamental understanding of information security systems and functions including but not limited to: intrusion systems, firewalls, denial of service protection, log management, vulnerability scanners, penetration testing tools
• A minimum of three (3) to five (5) years of experience in an information technology position.
• Excellent verbal, written, and interpersonal skills
• Ability to adapt to shifting priorities, demands, and timelines with strong analytical and problem-solving capabilities
• Ability to collaborate with multidisciplinary teams
• Ability to work independently as well as in a team environment including multi-level staff and external partners
• Proficiency in using MS Office Suite and Windows-based computer applications
• CJIS Security clearance may be required

Preferred Experience

• Technical writing, SOP development, incident response experience
• Associates degree in security or related field
• Certification such as CISSP, Security , CEH, CISM, GCIA, GSOC, GSEC, CySA , Linux , NSE 4
• Compliance background (NIST/PCI/HIPAA/etc.)
• Prior experience particularly in the data center industry