The System/Data Security Specialist role is responsible for a full range of activities, which ensures the operational effectiveness and excellence of the various system/data security technologies used by MBOD functions globally. This role is responsible for analyzing and managing the organization’s systems and data security infrastructure according to best practices, while ensuring high levels of data quality and availability.
Roles and Responsibilities:
- Develops, tests and implements security plans, products and control techniques.
- Coordinates the reporting data security incidents.
- Leads the development and review of risk assessments and implementation of appropriate data security procedures and products.
- Develops cost estimates and business justifications for security products and services
- Monitors existing and proposed security standard setting groups.
- Oversees performance by vendors and 3rd parties with regard to security controls, protection of customer data and contractual responsibilities
- Stays up-to-date with State and Federal legislations pertaining to Information Security. Works with compliance team to update local policies and advises leadership on recommended changes.
- Implements security controls to protect and detection infiltration attempts and other malicious activity that would pose a risk to the organization’s technology systems and data.
- Document and maintain system and network baselines
- Administers security policies to control access to systems and oversees firewall rule creation and modifications.
- Works on complex problems requiring in-depth cybersecurity analysis
- Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results.
- Work leadership may be provided by assigning work and resolving problems.
Enterprise Role Overview
As an experienced professional, provide advice to client management with regard to moderately complex security issues. Develops, tests and implements security plans and control techniques. Coordinates the reporting data security incidents. Provides technical support to the client and management and staff in risk assessments and implementation of appropriate data security procedures and products. Monitors existing and proposed security standard setting groups. State and Federal legislation and regulations. Identifies and escalates changes that will affect information security policy, standards and procedures. Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs. Researches attempted efforts to compromise security protocols. Administers security policies to control access to systems and maintains the company firewall. Works on complex problems where analysis of situations or data requires an in-depth evaluation of various factors. Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Work leadership may be provided by assigning work and resolving problems. Typically 5-7 years of IT experience.
- 5+ years of information security or risk management experience with proven ability to effectively apply risk principles to challenging business situations
- Must display strong subject matter expertise in application security, vulnerability testing and development of a risk appetite
- Excellent influencing and problem resolution skills
- Strong project management skills
- Working knowledge of the Microsoft Office Suite
- Active Directory & supporting systems (DNS, WINS, etc.)
- Distributed File System (DFS)
- Windows security (patching, AV, GPO, authentication, etc.)
- Linux and Windows (Server 2003 through Server 2012)
- Strong, self-motivated individual
- Ability to work with vendors in support of systems
- Experience with scripting tools
- Networking troubleshooting skills (simple routing and switching, firewall ports, etc.)
- Experience operating, maintaining and analyzing data from security systems, such as vulnerability scanners, firewalls, IDS/IPS, full packet capture, and SIEMs.
- Experience IAM tools such as SSO and MFA
- Bachelor’s degree in System/Data Security Technology or related field
- 7 + years of experience in technology and 5 + years of experience in the system/data security
- Recognized information security or IT audit professional certifications (e.g. CISSP, CEH, GISP, CISA)
- Experience implementing or managing security programs based on frameworks such as ISO 27000, NIST 800-53, NIST 800-171, or NIST CSF
- Experience with risk assessment methodologies such as OCTAVE, FAIR, CBANC or COBRA
- Storage experience/management
- Experience with EPP or EDR tools
- Experience in the remediation of related System/Data Security risks/vulnerabilities
- Strong analytical skills/problem solving/conceptual thinking
- Ability to work with Technical and Non-Technical business owners
- Financial Institution knowledge is strongly desired
1st shift (United States of America)
Hours Per Week:
Learn more about this role