Job Description
The SENIOR INFORMATION SECURITY ADMINISTRATOR is a hands-on role that requires a high level of technical expertise. Our IT Security Administrator will be responsible for a broad range of tasks, including the day-to-day administration of cybersecurity tools and devices, as well as first-level and second-level support for security information and event management (SIEM). They will have significant responsibility for the security administration of a wide variety of IT systems across the enterprise, including support for various audit-related activities.
The individual in this position interacts closely with product vendors and service providers, with teams across our IT organization and with business departments. They will quickly adapt and gain in-depth knowledge of the various Public Storage operating systems and security applications, as well as a working knowledge of basic network protocols and tools.
RESPONSIBILITIES:
- Performs user and access administration on designated systems and applications, in accordance with the defined policies, standards and procedures of the organization
- Performs system security administration on designated technology platforms, including operating systems, applications and network security devices, in accordance with the defined policies, standards and procedures of the organization, as well as with industry best practices and vendor guidelines
- Performs installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems
- Performs threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities
- Applies patches where appropriate and, at the direction of the Manager, Cyber Security, removes or otherwise mitigates known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards
- Locates and repairs security problems and failures
- Collates security incident and event data to produce monthly exception and management reports
- Performs normal and exceptional processing of user access and change requests, escalating such requests when appropriate
- Reports unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes
- Assists and trains junior team members in the use of security tools, the preparation of security reports and the resolution of security issues
- Develops and maintains documentation for security systems and procedures
- Researches, recommends, evaluates and implements cybersecurity solutions that identify and/or protect against potential threats, and respond to security violations
Event Management/SIEM Management
- Responds to and, where appropriate, resolves or escalates reported security incidents
- Monitors system logs, SIEM tools and network traffic for unusual or suspicious activity. Interprets such activity and makes recommendations for resolution
- Investigates and resolves security violations by providing postmortem analysis to illuminate the issues and possible solutions
Identity and Access Management
- Monitors internal control systems to ensure that appropriate information access levels and security clearances are maintained
- Administers and maintains end-user accounts, permissions and access rights for all systems
Infrastructure Protection
- Participates in infrastructure projects to develop, plan and implement specifications for network and distributed system security technologies in support of key information systems
- Assists in the management of firewalls, intrusion detection systems, switches and routers
- Downloads and tests new security software and/or technologies
- Supports data encryption deployments, including key management
Risk and Control Assessment
- Implements or coordinates remediation required by audits, and documents exceptions as necessary
- Performs system and application vulnerability testing
Threat and Vulnerability Management
- Researches threats and vulnerabilities and, where appropriate, takes action to mitigate threats and remediate vulnerabilities
- Reviews, assesses and mitigates penetration tests and vulnerability assessments on information systems and infrastructure
- Recommends, schedules and/or applies fixes, security patches and any other measures required in the event of a security breach
- Monitors security vulnerability information from vendors and third parties
Security Engineering
- Maintains network security diagrams
- Supports cybersecurity architectural requirements
- Participates in cybersecurity working groups