New York, United States
about 1 year ago
The Information Security/GRC Senior Specialist is expected to interface with peers across all IT departments, IT management, and representatives of the business to share the corporate security vision and to solicit their involvement in achieving higher levels of cyber security through information sharing and co-operation.
- Experience developing, documenting, and driving adoption of information security standards and procedures across various security standards and frameworks (NIST, ISO etc.)
- Hands on experience implementing and executing protocols and analysis within incident response, firewall products, IPS/IDS, DMZ, IPSec, DNS, SMTP, HTTP proxies, etc.
- Knowledge of security best practices across multiple platforms
Some Responsibilities Include:
- Provide information security and cyber security analysis and best practice recommendations for hardware, operating systems, networks, software, databases, staffing, data center, and physical office space security
- Conducts incident prevention, detection, containment, eradication and recovery across IT systems, including developing processes, monitoring events, responding to incidents, summarizing and reporting findings
- Creates Firm-wide policies and procedures documentation as needed (e.g., Information Security, Incident Response, Computer Usage, Security Awareness, Personally identifiable Information, etc.)