As a member of IT Security team, contributes to development of a comprehensive information security program. Responsible for implementing and operating information security capabilities, documenting security policies, processes and standards. Reporting to the Director of IT Security, this position is responsible for aligning our asset management capabilities with the NIST CSF standard, proactively managing end-of-life/end-of-support technologies, identifying rogue devices, and verifying device configuration as they are added to the network in order to ensure devices meet information security hardening standards.
Remote from the following states:
• North Carolina
• Serves as a subject matter expert on centralized asset management
• Implements workflows to collect, manage, and analyze security information for assets
• Manage security information for ITAM (Information Technology Asset Management), SAM (Software Asset Management), and non-IT owned and operated (managed?) IoT devices
• Monitors reports and security logs for unusual events.
• Develops asset classification criteria by which assets are managed
• Assists in execution of network scanning and uses asset identification technology to identify and document assets, including, but not limited to:- End Points- Portable Devices (including mobile devices)- IT Infrastructure Components- Network-connected Medical Devices- Network-connected Facility Systems- POS / Payment systems- Software / Applications
• Develop/implement procedure for validating asset inventory data
• Categorize assets to determine asset risk and prioritize security requirements based on asset risk
• Assist in the development / maintenance of Asset Management Policy, Standards, and Procedures outlining requirements and workflows for asset procurement, commissioning, and de-commissioning as well as for installation, configuration, and ongoing tracking/monitoring of assets
• Implement a formalized asset destruction process• Works closely with and provides guidance/direction to the Managed Security Service and Security Operations Center.
• Participates in security investigations and compliance reviews, as assigned by management.
• Collaborates with other security and infrastructure team members to identify and implement solutions.
• BA in Computer Science or related field is required or equivalent acquired through combination of education and experience.
• Working knowledge of / experience using industry leading CMDB / ITSM solutions such as ServiceNow or Remedy.
• 3 or more years of experience in Cyber Security and/or Security Operations.