IT Security Specialist

The IT Security Specialist serves as a specialist in the development, implementation and administration of Cognate's information security functions. This role pro-actively monitors systems, analyzes security processes and documents and maintains appropriate levels of controls. The IT Security Specialist will report directly to the VP of Information Systems.

 Essential Duties and Responsibilities

The IT Security Specialist must be able to perform each essential duty listed below. Other duties may be assigned.

• Monitoring information security risks related to the systems, networks and processes to ensure internal security controls are appropriate and operating as intended.
• Reviewing logs and reports from security systems. Identify abnormalities and report violations. Work with team members to resolve potential security issues.
• Defending systems against unauthorized access, modification and/or destruction.
• Configuring and supporting security tools such as firewalls, anti-virus software, patch management systems.
• Overseeing and monitoring routine security administration.
• Performing risk assessments that evaluate the risk in the Cognate environment and reporting findings to management. Implementing approved risk mitigation strategies.
• Performing vulnerability testing and security assessments.
• Assisting with client and internal audit requests.
• Coordinating and executing IT information security projects.
• Coordinating response to information security incidents and providing post-incident analysis.
• Developing, managing and maintaining user security awareness according to information security policies and guidelines.
• Researching and recommending security upgrades.
• Documenting procedures and drafting network security diagrams
• Conducting security research to stay aware of the latest security issues.
• Participating in disaster recovery programs.
• Performing other related duties as assigned.
• At least 1-3 years of experience working extensively within information security.
• Bachelor's degree in technology or related field. Certifications such as Cisco CCNA and CCIE-Security preferred.
• Experience implementing and maintaining information security technologies, such as: IDS/IPS, malware prevention, end-point protection, multi-factor authentication, security information and event management (SIEM), web content filtering, encryption, network access control (NAC), data loss prevention (DLP), firewall administration and vulnerability scanners.
• Strong knowledge of LANs, WANs, SANs, Microsoft Active Directory, Microsoft Windows server and desktop operating systems, Linux operating systems, Microsoft IIS, Microsoft SQL, and Microsoft Exchange.
• Strong knowledge and experience with Cisco ASA firewalls, FirePower, Wireless LAN Controllers (WLC), and switches.
• Experience with and involvement in Incident handling and incident response.
• Experience with tools that perform vulnerability assessment and patching.
• Expertise of enterprise architecture, IT Operations and Security required.
• Experience with penetration testing, ethical hacking and threat modeling
• Experience in strategic planning and execution required.
• Superior understanding of organizational goals and objectives required.
• Experience in performing log collection, correlation, and reviews of automated alerts for items such as, and not limited to: malware alerts, change detection alerts, and security system health alerts, exploit attempt alerts, etc.
• In-depth understanding of a variety of network and application attacks.
• Excellent technical writing skills.
• Excellent interpersonal, verbal, and written communication ability.
• Excellent problem-solving ability.

 Education and Experience

• At least 1-3 years of experience working extensively within information security.
• Bachelor's degree in technology or related field. Certifications such as Cisco CCNA and CCIE-Security preferred.
• Experience implementing and maintaining information security technologies, such as: IDS/IPS, malware prevention, end-point protection, multi-factor authentication, security information and event management (SIEM), web content filtering, encryption, network access control (NAC), data loss prevention (DLP), firewall administration and vulnerability scanners.
• Strong knowledge of LANs, WANs, SANs, Microsoft Active Directory, Microsoft Windows server and desktop operating systems, Linux operating systems, Microsoft IIS, Microsoft SQL, and Microsoft Exchange.
• Strong knowledge and experience with Cisco ASA firewalls, FirePower, Wireless LAN Controllers (WLC), and switches.
• Experience with and involvement in Incident handling and incident response.
• Experience with tools that perform vulnerability assessment and patching.
• Expertise of enterprise architecture, IT Operations and Security required.
• Experience with penetration testing, ethical hacking and threat modeling
• Experience in strategic planning and execution required.
• Superior understanding of organizational goals and objectives required.
• Experience in performing log collection, correlation, and reviews of automated alerts for items such as, and not limited to: malware alerts, change detection alerts, and security system health alerts, exploit attempt alerts, etc.
• In-depth understanding of a variety of network and application attacks.
• Excellent technical writing skills.
• Excellent interpersonal, verbal, and written communication ability.
• Excellent problem-solving ability.

Cover letter must be submitted along with resume