Information Security Consultant- Network/SIEM FocusApply Now
ABOUT THE JOB:
This individual is responsible for leading in the design, implementation and integration of advanced security operations solutions including but not limited to, Threat Management (i.e. Vulnerability Management, SIEM, and Incident Response) and Network Security. The Information Security Consultant will also provide technical security guidance to Application Development and Infrastructure teams.Supports Information Security Engineer and Architects in strategic planning, new tool selection and process improvements.
WHAT YOU WILL DO IN THE ROLE:
Design, Integration, and Management of Advanced Security Operations solutions including but not limited to Network Security solutions (Firewalls, IDS/IPS, VPNs, and Cloud Access Security Brokers and Threat Management solutions (System, Network, and Application Vulnerability Management, SIEM and Incident Response)
Responsible for establishing and managing security solutions that can defend a company and its networking assets.
Serve as lead for SIEM design, related components, and the confidentiality, integrity and availability (CIA) of logs.
Implement, manage and maintain event and log collection, reporting and compliance requirements.
Design and build SIEM dashboards and reporting tools required by technical teams
Work with the appropriate IT Teams to create and maintain applicable security standards for, Vulnerability Management, and IT systems such as Networks, Endpoint Security, etc.
Maintain and Implement Incident Handling Plan, serve as incident responders performing initial forensics and incident handling capabilities and plan, coordinate, and perform security testing exercises such as Pen Testing and Tabletop Exercises.
Develop strategies to improve efficiencies using automation and orchestration solutions to reduce manual work that can be done programmatically.
Lead the creation and maintenance of documentation related to NCCI’s security framework, program, and standards where applicable to role
WHAT YOU MUST BRING TO THIS POSITION:
- A bachelor's degree and a minimum of six (6) years of experience in an intermediate level Information Security role with proven expertise in multiple aspects of security and IT operations
- In lieu of the degree, additional work experience and/or trade school or applicable certifications. Years of experience requirement can be offset with demonstrated NCCI knowledge of security solutions and proficiencies in various infrastructure platforms (e.g., window servers, Unix, etc.)
- At least one advanced information security certification such as CISSP, SANS GIAC, CEH, etc.
- Intermediate scripting experience with knowledge of programming languages such as PERL, Java, .NET, etc.
- Proficient in one or more SIEM (e.g., QRadar, Splunk, LogRhythm, ArcSight, Securonix).
- Proficient in one or more industry standard network tools.
- Advanced knowledge of network security technologies such as Firewalls, VPN, IDS/IPS, Cloud Security, etc. Advanced knowledge of security aspects for multiple operating systems, networking technologies, encryption technologies, and applications
- Advanced knowledge of continuous monitoring principles including threat management, SIEM, File and Database Activity Monitoring, and Incident Response
- Knowledge of Information Security concepts, principles, and practices
- Detailed knowledge in multiple security domains inclusive of Security Management, Access Control Systems and Methodology, Network Security, Cryptography, Operations Security, Application and System Development Security, Threat Management and Incident Response.
- Detailed knowledge of security control frameworks, standards, governance and security best practices.
- Proven ability to work independently with guidance in only the most complex situations
- Excellent organizational, planning, written and verbal communication skills.
- Strong client facing skills with ability to deal and lead conversations with large technically diverse teams.
- Organized, responsive and highly thorough problem solver with strong ability solve complex problems, analyze information, identify and assess risks and make tactical and strategic recommendations.
- Experience driving measurable improvement in security operations and risk reduction within the organization
- Excellent time management skills to aid in meeting specific goals and plans to prioritize, organize, and accomplish.
- Proven learning agility and seeks to excel, be curious and adaptable
- Ability to act as lead in managing security related projects and investigations.
- Ability to maintain a high level of professionalism and confidentiality.
- Ability to work well under pressure.
- Ability to be on-call and work outside of regular business hours as needed.
WHAT WILL MAKE YOU A MORE VIABLE CANDIDATE:
- Additional advanced information security related certifications from SANS GIAC (Global Information Assurance Certification); ISACA, ISC2, etc.
WHAT'S IN IT FOR YOU:
- • A competitive starting base salary plus a targeted annual performance bonus
- • A phenomenal work environment, with perks including onsite restaurant and coffee shop, employee activities, onsite fitness center, and sports leagues
- • A wonderful team of dynamic people to work with who are fun, caring and friendly
- • A fantastic benefits package that’s hard to find in South Florida
WHO WE ARE:
Since 1923, NCCI has been committed to fostering a healthy workers compensation system. We are the nation’s trusted source for accurate, objective workers compensation information. We are the industry leader. At NCCI, we recognize that our employees are the reason our legacy endures today. We’re motivated by the opportunity to do challenging and interesting work, and our Total Rewards package attracts top talent. Our employees care about each other and the communities in which they live and work. Our values of integrity, respect, quality and excellence, responsibility, and commitment, guide our success.
We require a drug screen and background check.
EEO/Smoke Free environment
- Customer Operations
- Information Technology
- Data Resources
- Regulatory Services
- Human Resources
- Workers Compensation