IT Security Specialist Job Description
IT Security Specialist Duties & Responsibilities
To write an effective IT security specialist job description, begin by listing detailed duties, responsibilities and expectations. We have included IT security specialist job description templates that you can modify and use.
Sample responsibilities for this position include:
IT Security Specialist Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for IT Security Specialist
List any licenses or certifications required by the position: CISSP, GIAC, SANS, ITIL, CCNA, CISA, CISM, GSEC, MCSE, MCP
Education for IT Security Specialist
Typically a job would require a certain level of education.
Employers hiring for the IT security specialist job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Associate Degree in Computer Science, Education, Computer Engineering, Information Security, Information Systems Security, Management, Information Technology, Engineering, Business, Communication
Skills for IT Security Specialist
Desired skills for IT security specialist include:
Desired experience for IT security specialist includes:
IT Security Specialist Examples
IT Security Specialist Job Description
- Act as the InfoSec SME for Infrastructure, Applications and Business initiatives
- Coordinate with IT and business partners to assess, implement, and monitor IT-related security risks
- Develop and implement security standards, procedures, and guidelines for multiple platforms and diverse environments
- Provide IT system security requirements analysis for the project system for the Government, Commercial, and Academic sponsors
- Develop security standards and best practices for the system and organization that are aligned with their requirements
- Ensure practices meet compliance with external and internal requirements
- Recommend security improvements to optimize security posture
- Assess emerging requirement and develop options and recommendations for senior level management
- Determine security violations and inefficiencies and develop action plans to address them
- Work with stakeholders within the organization to improve existing best practices, correct ineffective current practices, and address security gaps as needed
- Waiver/exception writing
- At least 2 years experience in Penetration Testing
- 3 years minimum of work experience in a security related field
- Experience in infrastructure development/operations
- Experience assisting with the development and maintenance of tools, procedures, and documentation
- Adept at operating independently, with initiative and integrity
IT Security Specialist Job Description
- Disseminate information about policies and procedures in support of the security initiatives
- Monitor security posture and proactively correct vulnerabilities and respond to IT system security issues
- Act as the LASP Security Officer to NASA and as such support any required audits or reports
- Stay up-to-date on security related trends to keep system current
- Work with Information Security leads to establish target security profile for all monitored assets
- Assist in Identity and Access Management tasks by ensuring proper account creation for staff members and contractors, assigning the appropriate access levels
- Perform periodic self-inspections, tests and reviews of the Information Security program to ensure that systems are operating as authorized/accredited and that conditions have not changed
- Some travel may be required, flexibility as off-hours activity will be needed to coordinate with globally dispersed teammates and stakeholders
- Monitors and utilizes intrusion detection systems and security tool-sets for the identification of suspicious and malicious activities and inadequate security practices across the City’s network (e.g., analyzes network traffic, vulnerability scans, identification of computer viruses, unauthorized user activity) which may compromise the integrity and availability of systems
- Functions as a liaison with operating departments IT personnel to ensure City security technology processes and procedures are adhered to (e.g., approval of hardware/software purchases, provide technical expertise and guidance)
- At least 2 years experience in At least 2 years experience in a Security Operations Role
- Experience with Source code review, threat modeling is a plus
- Systems Administration of of the following Linux, Solaris, Windows 2000/2003 server administration including Active Directory and/or iSeries AS/400
- You are a skilled, disciplined and self-guiding IT security specialist that is used to coping
- Ability to understand code written in PHP (CakePHP)
- Experience with log management and/or SIEM technologies such as Splunk, ELK, SLM
IT Security Specialist Job Description
- Run/Attend management systems as required, which identifies and reports on Identity and Access Management non compliances which must then be tracked through to resolution
- Supporting audits and internal compliance initiatives
- Define, manage & derive IT security requirements
- Facilitate and participate in risk management activities related to IT security
- Perform risk assessments of new regional IT projects
- Facilitate and participate in security testing activities related to IT security
- Follow-up on risk treatment plans and results from security testing activities
- Monitor and measure compliance with the ISMS
- Facilitate and participate in regional IT audits
- Establish and follow-up on corrective action plans from regional IT audits
- Bachelor's degree in computer science, engineering or five years of comparable work experience
- Conduct systematic security assessments of solutions (including on premise and external solutions such Nestlé Web Sites, Cloud Solutions, ) to identify security risks
- Provide advice to the stakeholders to mitigate the security risks and validate compliance with Nestlé security Standards and industry best practice and Standards
- Design, implement and test compliant network security systems and solutions, including digital and cloud
- Ensure new solutions are implemented "Secure & Compliant by Design" following a risk based methodology
- In conjunction with the Nestlé Security Operations Center ("SOC") provide an incident investigation and response service
IT Security Specialist Job Description
- Monitors and manages security devices such as Firewalls, Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), VPN devices, and Security Event Management Systems
- Assist in local Internal Control Catalogue assessments
- Perform security team compliance reviews
- Security advisory service in general (both to business, local IT and outsourcing providers)
- Education and training of employees in IT security in general
- Security review summary from initial security review of new projects
- Risk treatment plans
- ISMS implementation and compliance
- IT audit corrective action plans
- Local assessments
- IA Certifications Level II
- Communicate and escalate security issues to management and key stakeholders
- Implement and maintain information security procedures and Standards in accordance with the Group IS/IT Security Policies
- Ensure the quality of information security services to Markets, business & functional units and act as an escalation point for Security related services
- SPOC for projects to ensure they comply with Security standards
- Interact with Security vendors
IT Security Specialist Job Description
- Security testing activity reports
- Education and training of employees
- Serve as a Center of Excellence for all inquiries regarding Information Security and improve Information Security management capabilities, knowledge, competence and skills within the IT department
- Establish and continuously improve the Information Security Program at MBUSA
- Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system, and external Web integrity scans
- Monitors and proactively mitigates information security risks and conducts system security testing
- Recommends, develops, monitors, and enforces information security policies, Promotes general security and HIPAA security awareness among staffs
- Conducts research on emerging products, services, protocols, and standards in support of security efforts, Handles security incidents responses Ensures security regulations compliances including AICPA trust criteria, HIPAA, DIACAP, ISO 27001 and other local and state regulations, Oversees, manages, and provides technical expertise on security safeguards such as Checkpoint firewall, IPS, anti-virus systems, VPN, and secure messaging systems
- Handle security related incidents including physical security incidents, provides supports to respond and coordinates to various client and SOC1, SOC2 security audits
- Manage Day to Day Security Operations including perimeter security, security monitoring, Data Loss Prevention, Vulnerability Assessment/Management, malware protection and other operational needs
- Follow-up on security related audit issues
- Bachelor's degree in Computer Science, Electrical/Electronic Engineering or similar field
- Product certifications may be specific to the position
- Experience with enterprise forensic solutions from Encase, Mandiant, FireEye, AccessData, HBGary
- Knowledge of forensics and malware analysis tools SIFT, volatility, FTK, sleuthkit, winhex, ollydbg, IDA Pro, Lord PE
- Strong written and spoken communication skills in both English and Japanese