Job Description
POSITION: SECURITY ADMINISTRATOR III
LOCATION: TORRANCE, CA
DURATION: 24 MONTHS
JOB DESCRIPTION
Perform user and access administration on designated systems and applications, in accordance with the defined policies, standards and procedures
- Perform system security administration on designated technology platforms, including operating systems, applications and network security devices, in accordance with the defined policies, standards
- and procedures o, as well as with industry best practices and vendor guidelines.
- Perform installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems.
- Perform threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities.
- Locate and repair security problems and failures.
- Collate security incident and event data to produce monthly exception and management reports.
- Perform normal and exceptional processing of user access and change requests, escalating such requests when appropriate.
- Report unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes.
- Assist and train junior team members in the use of security tools, the preparation of security reports and the resolution of security issues.
- Develop and maintain documentation for security systems and procedures.
- Research, recommend, evaluate and implement information security solutions that identify and/or protect against potential threats, and respond to security violations.
- Provide guidance to junior members of the team.
ACADEMIC/EXPERIENCE/COMPETENCY
- BA/BS in Information Technology, Computer Science, or related field or equivalent work experience.
- Understanding of in security subjects
- Knowledge of security policies and interprets policies
- Understanding of a specific security application or tool and how it works
- Ability to assess security safeguards
- Ability to deal with threats and intermediate level incidents
- Ability to deal with intrusions at a moderate threat level
- Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management.
- Technical proficiency with security-related systems and applications, especially:
- Experience in developing, documenting and maintaining security procedures.
- Knowledge of network infrastructure, including routers, switches, firewalls, and associated network protocols and concepts.
- Working technical knowledge of current systems' software, protocols and standards.
- Strong knowledge of TCP/IP and network administration/protocols.
BUSINESS EXPERIENCE
- 5 to 7 years of combined IT and security work experience with a broad range of exposure to systems analysis, applications development, database design and administration;
DAILY TASKS PERFORMED
- AS400 Security Account Maintenance
- Level 2 and Level 3 Help Desk ticket support - ServiceNow
- Audit evidence gathering and presentation
- Provision / Revoke Access to AS400 systems
- Group maintenance
- Project tasks related to AS400
- Review QSECOFR and AppDev EMER** activities
- Manage access and use of QSECOFR and AppDev EMER** IDs
- Maintain AS400 policy and procedure documents
- 10 Write / update monitoring scripts for QSECOFR / AppDev
WANTS
- Hands on AS400 Administration experience – 5+ years
- A background in Information security systems with specific knowledge around Access Control.
- Hands on Active Directory and LDAP queries experience – 1+ years
- Functional understanding of TCP/IP networks and Firewalls
- Functional understanding of following protocols: TCP, UDP, DNS, NetBIOS, HTTP, HTTPS, SMTP, SNMP, SSH, SSL
- Functional understanding of database concepts
- Prior experience as technical lead for enterprise software deployments
- Basic UNIX system administration
- Basic database administration
- Basic scripting experience
- Experience with the following technologies/products: Identity Management, PAM, Authentication and SSO, System Monitoring and Alerting, and Ticketing Systems.
- Excellent interpersonal skills
UNIQUE SKILL SETS DESIRED
Expert Level AS400 Administration