Professional Information Security Job Description
Professional Information Security Duties & Responsibilities
To write an effective professional information security job description, begin by listing detailed duties, responsibilities and expectations. We have included professional information security job description templates that you can modify and use.
Sample responsibilities for this position include:
Professional Information Security Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Professional Information Security
List any licenses or certifications required by the position: CISSP
Education for Professional Information Security
Typically a job would require a certain level of education.
Employers hiring for the professional information security job most commonly prefer that their future employee have a relevant degree, such as a Bachelor's and Associate Degree in Computer Science, Education, Management Information Systems, Engineering, Science and Math, Technical, Business, Information Security, Technology, Science.
Skills for Professional Information Security
Desired skills for professional information security include:
Desired experience for professional information security includes:
Professional Information Security Examples
Professional Information Security Job Description
- Provide management oversight of outsourced security services and maintain operations of Information Management’s internally supported security processes
- Monitor and act on functional performance of outsourced security vendor(s) against agreed-upon milestones, deliverables, Service Level Agreements (SLAs) and other relationship metrics or obligations of either party
- Support internal and external IM security audits
- Lead security engagements and implementation of security controls with third-party security partners, including network security vulnerability and penetration studies, website application security assessments and data loss protection reviews
- Manage processes to ensure new and existing systems incorporate approved security standards
- Lead security and vulnerability risk assessments, following the company’s Enterprise Risk Management processes
- Provide IM Security budget management support, including managing contract renewals for security services
- Lead initiatives supporting the company’s information security awareness program
- Provide management and executive-level information security information and reporting
- Provide assistance with the company’s disaster recovery and business continuity plans and other security and compliance plans
- Ability to work Monday - Friday, 12am - 12pm / 8-hour shift
- Possess 8570 security certifications (Security+, CISSP) and/or top secret security clearance
- Experience with any antivirus suites
- Possess security certifications (etc
- Previous experience in control awareness and adherence within a banking environment
- Strong understanding and implementation experience of various access control models and IT control frameworks
Professional Information Security Job Description
- Reply to requests (ticketing system, email, phone)
- Synthesizes security solutions within the context of the system to meet customer expectations while staying within schedule and cost constraints
- Researches and analyzes data, such as vendor products, COTS components, GFE/CFE, specifications, and manuals to determine security of design
- Effectively chooses the appropriate standards, processes, procedures, and tools throughout the system development life cycle to support the generation of the security engineering products
- Executes or leads the development of program-required security documentation, including items such as security plans, contingency plans, and security test plans and procedures in compliance with the IA policy
- Supports or leads the Assessment and Authorization (A&A) (or Certification and Accreditation (C&A)) activities and the generation of the documentation for the program
- May supervise or manage lower level employees
- Leads technical security tasks for medium teams or projects
- Leads small security proposals and contributes the security portions of medium sized proposals
- Leads the generation of small subcontract Statements of Work (SOWs)
- Four year undergraduate degree or 10 years relevant progressive experience
- Minimum 10 years' experience in a relevant IT security management environment, practicing with CISSP certification for at least 3 years
- Minimum 3 years’ experience working in FDA and/or Sarbanes-Oxley environment, supporting regulatory compliance from an IT security perspective
- Strong conceptual understanding of IT Security theory and practice
- Demonstrated project management experience and knowledge of project management principles, practices, techniques and tools
- Strong working experience in meeting with internal and external auditors, IT management, and clients to discuss and address security concerns
Professional Information Security Job Description
- As a member of the Information Assurance Security team, supports the system security design effort, security requirements analysis, and security requirements flow down to the program elements
- Plans and executes project tasks for activities described above
- Represent CBSS on various info security related committees and working groups
- Act as an info security risk consultant/advisor, and come up with strategies to address assigned info security items impacting CBSS as a whole
- Host business line level meetings to share important info security related topics
- Address information security policy adherence
- Manage the data loss prevention program for CBSS
- Track CIT issues and third party findings that tie back to information security
- Ensure that CBSS follows enterprise guidelines related to security risk extension tracking
- Escalation contact for various security teams for CBSS-related past due items (user access reviews, role reviews, access model reviews, COSMOS reconciliation items)
- Working knowledge of AIX/UNIX and Windows environment
- Working knowledge of Linux security and operating system
- Working knowledge of Web environment including IIS, Apache web application best practices
- Working knowledge of Active Directory and Identity and Access Management provisioning solutions
- Working knowledge of system development methodologies
- Working knowledge of common information security and state and federal privacy standards, laws, and government regulations
Professional Information Security Job Description
- Perform exceptions reviews and report reviews
- Prepare Metrics and dashboard to showcase the overall security posture of the designated business units
- Providing guidance, procedural advice and general information expertise in Information Security and basic expertise in Data Protection
- First level support for Information Security tickets
- Support in exception management process
- Permanently establish, maintain and ensure adherence of information security policies, guidelines, programs and standards
- KPI reporting, consulting, Knowledge base input
- Providing information and status updates, and regularly reporting on target achievements
- Support of Risk Management (ERM) process regarding Information Security
- Define, maintain and review the InfoSec Controls
- Excellent verbal and written communication skills, specifically the ability to explain security processes and concepts in an understandable manner and the ability to communicate well thought out ideas to varied audiences
- Excellent group facilitation, mediation and conflict resolution skills
- Ability to balance business needs with information risk management strategies
- Ability to demonstrate competence and gain credibility in the field of IT security among colleagues, management, vendor partners, and internal and external auditors
- Ability to work independently in a fast-paced environment, effectively managing and prioritizing multiple tasks and projects with deadlines simultaneously
- Ability to analyze complex problems and develop creative solutions
Professional Information Security Job Description
- Gather information necessary to maintain security and establish functioning external barriers such as firewalls and other security measures
- Knowledge of Data Classification and Data Masking Techniques and Mitigation Strategies
- Working knowledge of Data Security tools like Delphix, DLP, Titus, AbInitio, Archer
- Well-versed in conducting Security Reviews and Assessments and providing recommendations
- Experience in developing content and conducting Security awareness training
- Experience in Process Improvement, Controls Enhancement and Reporting
- Engaging with Firm wide risk and control groups, including internal audit and territory control teams
- SPOC for security architectures meetings
- Provide supplemental vulnerability management support
- Build weekly activity report and metrics slide
- Working knowledge of IT Security framework standard practices
- Ability to influence and demonstrate the capacity to generate win-win outcomes by building partnerships across the organization
- Ability to demonstrate broad perspective and long-term vision and to work with management to develop strategy
- Ability to interact with external law enforcement agencies, following proper protocol and representing RAI in a professional manner
- 5+ years running/managing a VM product
- 5+ years running/managing a SIEM