JOB SUMMARY:

***NOT A REMOTE/WFH POSITION***

The I.T. Security Specialist I should have experience supporting a broad range of programs with increasing responsibility in overall information assurance and cyber security support; including security configuration and management services, data protection, anti-virus, malware detection and protection, host-based and endpoint security solutions, and audit and accountability services. The I.T. Security Specialist I develops and executes security controls, defenses, and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce, and web-based systems. In this role, one maintains hardware, software, and network firewalls and encryption protocols. One administers cybersecurity policies to control physical and virtual access to systems. In addition, you will be responsible for monitoring and analyzing the security posture of networks, servers, endpoints, and other systems. Activities include detection, mitigation, and response to cyber incidents using a combination of technology solutions and processes and ensuring security issues are addressed quickly on discovery.

KEY TRAITS AND CHARACTERISTICS:

· Able to focus on the big picture while being passionate about every minute detail.

· An excellent communicator and comfortable working with cross-functional teams

· A true Problem Solver – can think holistically and present scenarios to solve the problem at hand.

· Comfortable operating in ambiguity. Apply process where it creates value, and design process where necessary.

KEY DUTIES AND RESPONSIBILITIES:

· Performs network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures.

· Operate all aspects of Information Systems (IS) data availability, integrity, authentication, confidentiality, and non-repudiation.

· Implement and monitor security measures for communication systems, and networks, and provide advice that systems and personnel adhere to established security standards and company requirements for security on these systems.

· Support customers at the highest levels in the development and implementation of Cybersecurity policies.

· Collaborate on the development of long-range plans for IT systems.

· Support process improvement and innovation.

· Support engineering design, development, direction, and implementation of Cyber Security and IT solutions.

· Maintain and monitor the Back-up Systems and Cyber Security training campaigns.

· Perform system security administration on designated technology platforms, including operating systems, applications, and network security devices in accordance with the defined policies, standards, and procedures of the organization, with industry best practices and vendor guideline

· Oversee incident response and the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches as necessary.

· Technology security administration for access to IT systems and applications.

· Reviewing new systems designs and major modifications for security implications prior to implementation

· Developing audit plans for systems and processes

· Ensuring systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security plan.

· Verifying the implementation of delegated aspects of the system security program.

· Ensuring all proper account management documentation is completed prior to adding and deleting system accounts.

· Verifying all system security documentation is current and accessible to properly authorized individuals.

· Conducting periodic assessments of authorized systems and providing the ISSM with corrective actions for all identified findings and vulnerabilities.

· Managing risk program and performing process analysis and documentation

· Collaborating with other teams to ensure compliance with the Information Security Policy and Federal Regulations

· Author Standard Operating Procedures (SOPs) and training documentation

· Maintaining security documentation to ensure that they are organized and reviewed by subject matter experts in a timely manner.

· Conducting collaborative meetings between the applications, networking, server, database, and application teams to address the collection of metrics, system controls, and process improvement.

· Creating reports that identify gaps in security and remediation recommendations.

· Arranging meetings, circulating agendas, and preparing meeting minutes

· Conducts penetration testing and vulnerability assessments of applications, operating systems, and/or networks.

· Respond to cybersecurity breaches, identify intrusions, and isolate, block, and remove unauthorized access.

· Researches and evaluates cybersecurity threats and performs root cause analysis.

· Assists in the creation and implementation of security solutions.

· Provide information to the I.T. Team regarding System Information and Event Monitoring findings.

· Develop and execute approved security policies, plans, and procedures; implement data network security measures; operate and monitor network intrusion detection and forensic systems; conduct IS security incident handling; support Continuity of Operations Plan/Disaster Recovery plans and perform certification of Information Systems and networks.

· Perform other information security duties including operation of Electronic Key Management System (EKMS) and maintenance of Public Key Infrastructure (PKI).

· Operate Host Based Security System (HBSS), firewalls, Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), other point of presence security tools, Virtual Private Networks (VPNs), and related security operations.

· Perform defensive cyber operation duties including, but not limited to, ensuring workstation and server compliance with Host Based Security System (HBSS) requirements; identifying cybersecurity incidents using HBSS, Event Manager (SIEM), and other automated tools; performing forensics and remedial action on cybersecurity incidents; and reporting defensive cyber operations statistics.

· Follows standard practices and procedures in analyzing situations or data from which answers can be readily obtained.

· Provides front-line support by fielding incoming help requests from end users via both telephone and e-mail in a courteous manner.

· Responsible for Help Desk Service Requests, including but not limited to, responding, documenting, and maintaining in a timely fashion.

· Build rapport and elicit problem details from help desk customers.

· Prioritize and schedule problem resolutions. Escalate problems (when required) to the appropriate next level.

· Use Help Desk ticketing software to document, record, track, and monitor the Help Desk request problem-solving process, including all successful and unsuccessful decisions made, and actions taken through to final resolution.

· Ensure appropriate attention and escalation of customer problems by documenting the impact on the customer and assigning an appropriate priority and resolution target within the Help Desk ticketing software,

· Apply diagnostic utilities to aid in troubleshooting.

· Access software updates, drivers, knowledge bases, and frequently asked questions resources on the Internet to aid in problem resolution.

· Identify and learn appropriate software and hardware used and supported by the organization.

· Provide problem determination and support to specific systems using documented procedures and available tools.

· Test fixes to ensure the problem has been adequately resolved.

· Receives, delivers, tags, set up, and assists in the configuration of end-user p.c. desktop hardware, software, and peripherals.

· Creates and configures user ERP, e-mail, Active Directory, etc. profiles and accounts.

· Install, support, and maintain software.

· Provide daily reporting of pending issues and high-priority incidents.

· Create and update knowledge base articles.

· Assist in project implementations, testing, and documentation.

· Monitor system notification alerts and take appropriate and timely action.

· Creates or assists in the creation of SOPs, Policies and Procedures, and How-To documentation.

· Assists in the training of users in the operation of software and or hardware.

· Assists in the creation and documentation of training criteria, programs, and user education.

· Assists and at times may be responsible for the training of end users in a one-on-one or group environment.

· Responsible for the proper archiving and record keeping of all IT department documentation and material.(SOPs, P &P’s, How-To’s, and any work material produced in the course of departmental business.

· Responsible for network folder creation, nomenclature, and archiving.

· Responsible for all network data classification.

· Minimal travel may be required.

· Special projects as required.

· Other duties as assigned.

REQUIREMENTS AND TECHNICAL COMPETENCIES:

· Minimum High school diploma or equivalent required; Bachelor’s degree in Computer Science, Management Information Systems, Engineering, or equivalent work experience preferred.

· Bachelor’s degree in IT or similar field with 3 years of work-related experience, or 5 years in lieu of a degree

· Proficiency in problem-solving, analytical thinking, and penetration testing methodologies

· Familiarity with LINUX/UNIX OS, routers/switches/firewalls, Windows PC platforms, NAS platforms, Firewall, Intrusion Detection devices, endpoint security software, network/server security vulnerability and protection

· Familiarization with Information Security Policy and security related Federal Regulations

· 3 years of working experience in medium to large enterprise

· 3 years’ experience in network, host, data, and/or applications work in multiple operating systems environments

· 3 years experience in troubleshooting Network hardware LANs/WANs/VPNs/Firewalls/IDS/IPS, SIEM, DLP, AntiVirus/antimalware, forensic capture and analysis systems

· 3 years of demonstrated knowledge and hands-on experience with/of Windows-based operating systems, Linux, MacOS, networking technologies (Cisco, Palo/Alto, etc.), cloud services

· 3 years’ experience in end-user support, including the prioritization and rationalization of new support issues

· 3 years’ experience in writing/editing technical documentation preferred.

· Knowledge of basic networking including understanding of OSI layer, TCP/IP, DHCP, DNS etc.

· Experience with desktop and server operating systems, all Windows Server Os’s

· Support experience with Microsoft Windows and Microsoft Office

· Working knowledge of a range of diagnostic utilities

· Experience working with Risk Management Framework (RMF)

· Experience operating, maintaining, and administrating the following:

• network access control services
• endpoint security detection and response services and solutions
• host-based security detection and response services and solutions
• data protection mechanisms using at-rest and in-flight management technologies.
• intrusion management services

· Experience configuring, operating, and maintaining:

• Palo Alto Firewalls
• CrowdStrike Complete
• Rapid 7
• Cisco routers and switches
• Security Information and Event Manager (SIEM)
• PKI
• IPS

· Experience conducting vulnerability compliance scanning and conducting assured compliance assessment.

· Experience providing security and information event management services.

· Experience providing problem resolution and subject matter expertise in security investigation best practices.

· Strong computer skills including MS Office (Word, Excel, Outlook), MS Teams, Zoom, general internet use, and Windows-based software and databases.

· Must be able to type 45-60 WPM with 100% accuracy.

· Ability to analyze processes and develop valid solutions to resolve issues at hand.

· Strong written and oral communication skills

· Prioritizing, time management, and organizational skills

· Knowledge of customer service principles and practices

· Knowledge of administrative procedures

· Minimal initial mechanical or automotive experience a plus

· Strong data collection and order entry skills

· Customer service orientation

· Professional demeanor

· Knowledge of administrative procedures

· Exercises tact and discretion in interpersonal contacts.

· Respects the confidentiality of privileged information that this role will have access to.

· Strong attention to detail and excellent organizational skills.

· Exceptional communication and interpersonal abilities to liaise with suppliers, customers, and internal teams.

· Proficiency in using export-related software/ tools and knowledge of export regulations, international trade practices, and shipping logistics a plus.

· Ability to analyze processes and develop valid solutions to resolve issues at hand.

· Excellent judgment, reasoning, conflict-resolution, and problem‐solving skills

· Ability to influence outcomes and juggle multiple priorities in a fast-paced environment.

· Ability to make independent decisions in a changing environment and anticipate future needs.

· Energetic, adaptable, flexible, collaborative, proactive, and comfortable with change and uncertainty.

· Ability to analyze and research data and resolve discrepancies.

· Ability to analyze complex data and make recommendations.

· Ability to employ deductive reasoning and critical thinking skills.

· Ability to seek out information and resolve issues.

· Ability to lead and manage projects to achieve organizational objectives.

· Ability to work confidentially with discretion on privileged and sensitive information and abide by BendPak’s privacy and confidentiality policies.

· Ability to calculate and process information quickly and accurately.

· Proven ability to gather and analyze qualitative and quantitative feedback and KPI data to assess program success

· Influencing and negotiation skills – Collaborate with cross-functional teams to influence program development, design, and execution based on program metrics and analysis

· Ability to maintain the highest level of confidentiality

· Strong PC skills including MS Office (Word, Excel, Outlook) and web-based and Windows-based software and databases.

· Ability to organize, prioritize, and multitask in a deadline-driven environment and shift priorities as needed.

· Learn new concepts quickly and accurately.

· Strong interpersonal skills, with a focus on listening, and questioning skills.

· Strong documentation skills.

· Ability to follow manuals and read complicated instructions

· Ability to absorb and retain information quickly.

· Ability to present ideas in user-friendly language.

· Highly self-motivated and directed.

· Exceptional customer service orientation.

· Demonstrates competency in effectively adapting to rapidly changing technologies and applying them to business needs.

· Learns to use professional concepts. Applies company policies and procedures to resolve routine issues.

· Able to excel in a fast-paced, deadline-driven environment, where small teams share a broad variety of duties.

· Displays strong initiative and drive to accomplish goals and meet company objectives.

· Takes ownership and responsibility for current and past work products.

· Is committed to learning from mistakes and driven to improve and enhance the performance of oneself, others, and the company

· Focuses on teamwork and puts the success of the team above one's interests.

· Certifications in A , Security , CISSP, CISM, CISA or MCSE a plus

WORK ENVIRONMENT and PHYSICAL DEMANDS:

· This job operates in a professional office environment and is typical of a Call Center operation.

· The noise level in the work environment is typical of that of an office.

· While performing the duties of this job, the employee is regularly required to walk, talk, and hear.

· This role routinely uses standard office equipment such as computers, phones, photocopiers, scanners, filing cabinets, fax machines, and various computer programs.

· This position is highly active and requires standing, walking, bending, stooping, and crouching all day.

· Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus.

· Employee must have the ability to complete product training which can include but is not limited to meeting independent lifting ability of 40-50 lbs. and physical demands including but not limited to standing squatting, operating machinery, and performing repetitive motions.

· Required to sit, stand, walk, climb stairs, touch, see, and hear; occasionally operate machinery.

· Must regularly be required to sit, talk, hear, and have regular use of hands and fingers to operate mouse, keyboard, telephone, and any other computer-related equipment.

· Must have vision abilities to operate computer and phone systems.

· Sitting for extended periods of time.

· Dexterity of hands and fingers to operate a computer keyboard, mouse, and power tools, and to handle other computer components.

· Lifting and transporting of moderately heavy objects(up to 50lbs), such as computers, printers and peripherals.

· Some Saturdays and or overtime as needed.

Job Type: Full-time

Pay: $50,000.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Employee discount
• Flexible schedule
• Health insurance
• Life insurance
• Paid time off
• Referral program
• Vision insurance

Experience level:

• 3 years

Schedule:

• Day shift
• Monday to Friday

Education:

• High school or equivalent (Required)

Experience:

• WAN/LAN: 3 years (Required)
• hands-on work related experience with Bachelor's degree: 3 years (Preferred)
• hands-on work related experience in lieu of a degree: 5 years (Preferred)
• hands-on Cybersecurity: 3 years (Required)
• hands-on Incident management: 3 years (Required)
• hands-on Cisco router & switch: 3 years (Required)
• hands-on Firewall: 3 years (Required)
• hands-on Network security: 3 years (Required)
• hands-on Network management: 3 years (Required)
• hands-on Server management: 3 years (Required)

License/Certification:

• A , Security , CISSP, CISM, CISA or MCSE (Preferred)

Ability to Commute:

• Theodore, AL 36582 (Required)

Ability to Relocate:

• Theodore, AL 36582: Relocate before starting work (Required)

Work Location: In person