This position is responsible for the management of Information Security operations. Responsibilities include: Information Security Administration (ISA) �Development and maintenance of all Processes and Procedures for administering physical and logical access to all data, applications, systems, and networks (i.e. user log-on and authentication rules, access authorization); �Administration of all security tools and mechanisms (i.e. firewalls, virus, Intrusion Detection System IDS, Enterprise Configuration Management CM, Enterprise Monitoring, Enterprise Security Administration, encryption routines) that enforce adherence to the Corporate System Security Plan and ensure compliance with all Information Security Policies; �Development and distribution of security administration status and metrics reports supporting compliance to the Corporate System Security Plan for all networks, systems, and applications to key IT security stakeholders; �Development of Service Delivery Quality including Operating Level Agreements (OLAs) and Service Level Agreements (SLAs) for physical, logical, and tool administration; �Execution of all Processes and Procedures for physical, logical, and tool administration within OLAs and SLAs; and, �Contribution to audit response and management action plans for all security and tool administration audit issues. Information Security Monitoring (ISM) �Development and maintenance of all Processes and Procedures for monitoring and reporting on compliance of all applications, networks, and systems (e.g. su, sudo, intrusion detection, firewall logs, email filters, URL logs, syslogs, etc.) in accordance with the Corporate System Security Plan ensuring compliance with all Information Security Policies; �Development and maintenance of all Processes and Procedures for forensics and investigation of all security vulnerabilities, violations and incidents against all Information Security Policies in accordance with the Corporate System Security Plan; �Development and distribution of monitoring, incident handling and violation status and metrics reports supporting compliance to the corporation�s System Security Plan for all networks, systems, and applications to key IT security stakeholders; �Development of Service Delivery Quality including Operating Level Agreements (OLAs) and Service Level Agreements (SLAs) for monitoring, reporting, forensics, and investigation services; �Execution of all Processes and Procedures for monitoring, reporting, forensics, and investigation services within OLAs and SLAs; �Assist all internal and external clients in resolution of security vulnerabilities, violations, and incidents through analysis of technologies, processes, procedures, and strategies including their impact on client services levels; and, �Contribution to audit response and management action plans for all security monitoring audit issues. BS Degree and/or 8+ years Information Technology or Information Security related experience strongly preferred. Previous experience in management is preferred. This position requires an extensive knowledge in networking, databases, and systems operations. Strong related experience in developing security procedures and selecting/implementing automated management/administration tools required. Salary commensurate with experience. Neal Fisher PPS Information Systems Staffing [EMAIL PROTECTED] 410-823-5630
