Duties: As a member of the IT Security team, contributes to the development of a comprehensive information security program. Responsible for implementing and operating information security capabilities and documenting security policies, processes, and standards. Reporting to the Director of IT Security, this position is responsible for implementing a continuous logging and monitoring strategy, reviewing/modifying log ingestion as required, aligning logging efforts with incident response use cases to ensure they are supported, and participating in cyber incident response.
Position Responsibilities: Serves as a subject matter expert on logging and monitoring activities in support of cyber, legal, and administrative investigative efforts. Provides second- and third-level support and analysis during and after a security incident. Monitors reports and security logs for unusual events. Works closely with and provides guidance/direction to the Managed Security Service and Security Operations Center. Maintains/implements a roadmap to expand log management to additional sources. Reviews the log management and alerting solution to enhance current capabilities to classify and prioritize anomalous activity based on the criticality of potential impact on systems and data. Enhances data analytics and reporting functionality to allow near-real-time reporting, data filtering, data enrichment, and data correlation. Expands database auditing and monitoring capabilities for all critical databases, including those used by Community Connect partners. Assists in the development of security policies and procedures. Participates in security investigations and compliance reviews as assigned by management. Assists in the development and deployment of information security awareness training and communication capabilities. Responsible for operating, maintaining, and supporting various security tools as assigned by management. Collaborates with other security and infrastructure team members to identify and implement solutions. Works with business partners in resolving security-related infrastructure outages. Must possess expert troubleshooting skills.
Skills: A minimum of 5 years of experience in a related field, preferably Cyber Security and/or Security Operations. 6 or more years of experience in a related field. In-depth knowledge of cybersecurity frameworks including, but not limited to, NIST CF, HITRUST CSF, ISO 27001.
Education: BA in Computer Science or a related field is required, or equivalent acquired through a combination of education and experience.