Responsibilities:
Participate in developing an IT strategic plan, evaluate/review existing infrastructure security configuration, and plan recommendations for future enhancements/solutions for environments of 300+ users.
Conduct accurate network inventory and security assessments through vulnerability testing and risk analysis.
Perform both internal and external security audits.
Analyze security breaches to identify the root cause.
Read, understand, and recommend solutions based on the results of internal and external audits.
Verify the security of third-party vendors and collaborate with them to meet security requirements.
Use network monitoring tools and security incident event monitoring to carefully examine network traffic and to identify both external and internal threats to ensure security specifications meet the client’s infrastructure guidelines.
Work closely with the IT team in designing and implementing a multi-layer security strategy.
Participate in the execution of disaster recovery testing.
Provide security expertise to business applications, ensuring they are deployed and implemented securely.
Research and design short- and long-term changes and enhancements to the infrastructure.
Ensure the network and systems dependent upon the communications infrastructure operate efficiently and effectively.
Review access/security logs, report findings, and provide recommendations to the Director of IT.
Work with various stakeholders and assist in the development and maintenance of the access control matrices as they apply to various applications.
Requested Qualifications:
Minimum of 3-5 years of IT security experience.
Degree must be in Computer Science or a related field (e.g., Cyber Security, Information Technology, Information Assurance, Information Security, Information Systems, Computer Engineering, Systems Engineering, Computer Forensics).
Should be familiar with a variety of hardware and software platforms, with an understanding of core technologies pertaining to security risks and mitigation, such as TCP/IP, DNS, DHCP, etc.
Experience implementing NIST Cyber Security Framework (NIST 800-53) and CSC20 controls standards.
Knowledge of IT data security compliance programs preferred, including HITRUST, SOC 2, HIPAA/HITECH, NIST/CMS, or similar (e.g., FINRA).
Experience working with networks of 300+ users.
Proficient with OS security, Windows and Linux.
Relevant experience must be in computer or information systems design/development, programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, and/or systems engineering. Network and system administration may account for some, but not all, of the experience.
Demonstrated experience creating detailed reports of risk findings and recommendations/roadmap for improvement.
Must be able to work independently and/or in teams to accomplish stated goals.
Familiarity with project management or experience participating in projects with longer timeframes is a plus.
Experience with ethical hacking, intrusion prevention, incident response, computer forensics, and reverse engineering.
Desired Current Certifications:
Certified Expert Independent Assessors CompTIA Security+ CompTIA Network+ CWAPT Certified Penetration Tester Certified Reverse Engineering Analyst Certified Ethical Hacker GDPR HITRUST Assessors
What we can offer:
A fun and fulfilling place to work
Competitive pay
Health, dental, vision & life insurance
401k retirement savings plan
Yearly handbag allowance
Product discounts
Benefits:
401(k)
Dental Insurance
Disability Insurance
Employee Discount
Health Insurance
Life Insurance
Paid Time Off
Vision Insurance