1. Responsible for administration of Firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Application Firewalls, Security Information and Event Management systems (SIEM), Remote User Access (VPN), Web/URL Filtering systems, Application Security Testing systems, Authentication systems and Proxy systems.
2. Audits logs on a routine basis for security events including intrusions, viruses, hackers, spam, security incidents and other malicious activity. Works with the Incident Response and Handling teams to resolve security events. Prepares Incident Reports as required.
3. Installs, configures and maintains both network and application firewalls. Creates, modifies and deletes authorized firewall and network access rules to ensure proper network boundary protections are in place.
4. Configures and monitors security monitoring systems such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS) and Security Information and Event Management systems (SIEM). Tunes security log integration and analysis rules for these systems to reduce both false positives and false negatives.
5. Performs vulnerability scans on a routine basis as well as for all new system installations in accordance with Vulnerability Scans and Configuration Control procedures.
6. Installs, configures and monitors remote access control systems such as Virtual Private Network (VPN) and SSL-VPN products.
7. Installs, configures and monitors boundary protection systems such as Web/URL filtering products and proxy systems.
8. Installs, configures and maintains Endpoint Security systems, multi-factor authentication systems, public DNS systems and load balancers.
9. Consults with IT team members during the Functional Design phase of development efforts to ensure new applications meet appropriate security requirements.
10. Works with Information Technology staff, users, peers and vendors to research and diagnose security-related problems; develops, implements and documents problem resolutions.
11. Routinely reviews security, vendor and other available sources for newly discovered vulnerabilities or newly released patches that should be applied to Company's Systems. Advises other system administrators of these vulnerabilities and assists them as needed in securing their systems.
12. Performs and/or coordinates internal and external audits and penetration attempts to ensure perimeter devices and internal servers are hardened properly.
13. Ensures appropriate authorization and access controls are in place.
14. Maintains and documents network architecture and access control. Participates in design, installs, configures and maintains network devices and network access control systems. Monitors and troubleshoots network issues.
15. Works with the Development and Quality Assurance teams to create application security testing plans to ensure new and changed application programs meet security requirements.
16. Provides training and mentoring to appropriate individuals, such as peers, management staff and the corporate trainer, on recommended security practices.
17. Participates in the development of the Corporate Security Policy and any associated procedures to ensure compliance with federal, state and industry laws and regulations.
18. Serves on the Enterprise Change Control and Change Advisory Boards to ensure the security of Company's Systems is not compromised.
19. Assists management as needed and performs other duties as assigned.