Security Administrator

Job Summary

Administrator role within the IT Security Department focusing on utilizing information security best practices for implementation of efficient and strong security and compliance controls.

The Security Administrator is responsible to the IT Security Manager for various tasks that provide business process leadership around ISC’s Security Practice.  This includes working with the Security team to establish business requirements for provisioning and deprovisioning of accounts as well as the administration of such accounts.  The selected candidate will have entry to mid level experience in Systems/Network Administration Practices and Role Based Access Control definition.  The candidate is expected to be able to manage projects and interface with a variety of teams throughout the organization. 

 

Principal Responsibilities

  • POLICY AND PROCEDURES:  Assist in Implementation the organization's information security policies and procedures.
  • SECURE SYSTEMS MANAGEMENT:  Evaluate security procedures to build efficiencies into the process.
  • SECURE SYSTEMS MANAGEMENT:  Evaluate business/IT processes to build efficiencies into the process.
  • RISK ASSESSMENT:  Assist in performing information security risk assessments to determine risk posture against assets and processes.
  • INFORMATION SECURITY EXPERT:  Stay abreast of the latest thinking, technologies, and security literature.
  • DOCUMENTATION:  Compile, deliver, and maintain security/compliance documentation for internal and external consumption.
  • Additional responsibilities as assigned by management.

Competencies 

Technical Skillsets

  • Competent with administration/provisioning and deprovisioning practices for applications including but not limited to Active Directory/LDAP

  • Competent in understanding, troubleshooting, and applying NTFS and NFS permissions to files and folders.

  • Competent with data mapping and data analytics

  • Competent with Application and Infrastructure documentation

  • Capable of creating role based access definitions and implementing them throughout the organization

  • Capable of assisting with business process re-engineering to create efficiencies and reduce redundancies

     

    Professionalism

  • Professional competencies in information technology or related field of work

  • Conscientious and efficient in meeting commitments, observing deadlines and achieving results

  • Able to work independently with minimal supervision

  • Proven analytical skills to arrive at sound conclusions when dealing with complex issues

  • Ability to contribute to the development of policies and to interpret procedures and guidelines

Leadership

  • Ability to lead cross functional project teams in the fulfillment of a project initiative

Planning and Organizing

  • Ability to plan and organize work consistent with the strategic goals of ISC

  • Identify priority activities and assignments to ensure the effective monitoring and implementation of work plans

Communication

  • Excellent skills in communicating with people from different backgrounds and technical abilities

  • Ability to communicate to Executive Leadership

  • Ability to communicate complex technical items to non-technical individuals in a succinct and clear fashion

Technological Awareness

  • Ability to keep abreast of developments and relevant technologies applicable to the profession

Customer Orientation

  • Skillful in identifying customer needs and establishing and maintaining effective relationships with internal and external stakeholders

Decision-making

  • Ability to make sound and timely decisions

  • Ability to prioritize tasks based on various criteria

     Experience

  • Requires 2 years of experience with IS or IT in a large enterprise environment. Ideally the candidate will have previous experience as a systems or network administrator and project management experience.

     Education

    Requires a Bachelor’s degree or an equivalent combination of education and experience.

    Certification Requirements

    One of two industry recognized certification credentials preferred but not required:  Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISA)