The Information Security Administrator / Engineer is primarily responsible for the design, implementation, management, and operations of security controls and systems to protect the confidentiality, integrity, and availability of the organization’s information assets.
The role will also enforce and document new procedures, standards and best practices as required by business activities.
Administratively, you will conduct risk assessments and will be maintaining or developing the security policies, procedures, and controls.
Technically, you be implementing, using, and managing the technical security controls and systems, recommending system hardening, and overseeing continuous vulnerability assessments.
You will administer the daily operations of the information security program to include, vendor management, risk assessments, information security reporting, and security system administration.
The position will also work collaboratively and effectively with other IT groups, as well as user groups to meet or exceed company objectives.
Info Security Admin / Engineer Job Responsibilities
Run recurring vulnerability scans and prioritize remediation efforts
Design and manage the company’s security program and coordinate with other departments to address issues and improvements
Design and execute security processes and controls
Perform risk assessment – ensure implemented risk measures are operating smoothly and identify and correct possible issues
Accurately document security guidelines and manage testing and project schedules security processes and controls
Evaluate and identify partners and tools to help us meet our security goals
Educate the front-line helpdesk staff and all network users about security best practices
Identify, recommend changes and new designs, and implement new security controls
Ensure compliance with policies and procedures approved by the CIO and associated committees to develop and refine the same
Develop and monitor security reports as necessary, to detect unauthorized system usage/misuse and intrusion
Support and maintain systems and computer security by monitoring related applications/ systems and tools
Support current environment with a core infrastructure of firewalls, load balances, routers and switches
Assist in the architect, design and testing of new security related solutions to take advantage of emerging technology or changing requirements
Monitor all networks within organizational assignments and provide reports on a regular basis on security related activities
Maintain detailed logs of all security control changes
Establish a security incident response process
Key point of contact for all security related vendors
Qualifications for the Info Security Admin / Engineer Job
A Bachelor’s Degree in Information Technology with a specialisation in Information/Systems Security is a must – A Master’s Degree is an added advantage
A minimum of 2 years’ experience in a similar role
A professional IT security certification and IT standards certification is an added advantage (CISSP, CCNA Security, ISO 27000, ITIL etc.)
General understanding and knowledge of regulatory requirements, security concepts, governance and privacy
Experience with vulnerability mitigation strategies
Experience working with network forensic tools
Experience with security tools – NAC, Antivirus, File Integrity Management, Intrusion Prevention, Network and Application Firewalls, Web Proxy, Logging & Monitoring and DLP
Experience with Malware detection tools, techniques, investigation and remediation
Experience with security event response from key security products and services (network traffic analysis, PC forensics, kill chain, windows event analysis, etc.)
Able to partner with management and technical staff to resolve complex security matters and critical policy creations
Detail-oriented, resourceful and able to manage shifting priorities
Excellent written and verbal communication skills required
Ability to positively and effectively interact with internal and external customers
Ability to work well with others in a collaborative team environment
