Need to be a US Citizen or US Resident living in Los Angeles
The IT Systems / Information Security Specialist leads and performs all cybersecurity and information protection activities for the enterprise. The successful candidate will be responsible for protecting the confidentiality and integrity of customer, employee, and business information in compliance with organization policies and standards. Responsibilities include: monitoring, incident response, forensics and investigations, threat intelligence, scanning, penetration testing, technology evaluation, security reviews, security tools/systems architecture, implementation & administration as well as standards/procedures development. The IT Systems / Information Security Specialist must possess contemporary industry knowledge with a proven track record of success in the Information Security/Cybersecurity field. This role is responsible for delivering high quality, cost-effective solutions to all levels of users and is responsible for supporting the business goals and objectives of the Enterprise.
• Evaluate the current state and recommend system tools and/or procedures to ensure the integrity and confidentiality of information assets and systems from intentional or inadvertent access, modification or destruction.
• Assist in providing support for the enterprise vulnerability management program
• Provide a single point of contact for security related topics and problems.
• Support access request processing.
• Execute periodic reviews and make updates to security policies, standards and guidelines.
• Conduct research to keep abreast of latest security issues and threat patterns
• Prioritize remediation of gaps based on internal and external audits
• Periodically evaluate network and system security requirements and recommend or develop the necessary modifications to policies, standards and procedures.
• Performs security monitoring and follow-up on incidents. Reports exceptions to senior management when necessary.
• Provides assistance to Department Managers, Operating Support Units and to the Data Owners in the risk assessments of their data and of the systems owned by the lines of business.
• Investigate, evaluate, document and correct actual or potential security exposures when identified and make recommendations for corrective action to senior leadership.
• Evaluate new systems or applications as needed to identify security issues.
• Evaluate, recommend & lead penetration testing activities as necessary and appropriate.
• Assist in planning and execution of vulnerability testing for application systems and the network environment
• Prepare security and compliance reports by collecting, analyzing, and summarizing data
• Evaluate and implement compliance activities by reviewing, reporting, and tracking of key controls
Typical skills and competencies include:
• Contemporary knowledge of security threat environment, trends and behaviors
• Strong critical thinking expertise to identify incidents and threats, perform forensic review and analysis to ensure quick resolution in an ambiguous operating environment.
• Excellent analytical, organizational, reporting and communication skills with the ability to influence key stakeholders
• Excellent interpersonal skills – ability to interact with all levels of staff.
Minimum qualifications and skills:
• Bachelor's degree in Computer Science, Engineering or a related field; or equivalent of at least 5+ years of demonstrated knowledge and experience leading and participating in IT Risk, Cyber
Security, and/or InfoSec activities, with similar knowledge and experience of information security regulations, best practices and standards.
• One or more of the following certifications: Security+, CISSP, CEH, GSEC, CISM, CRIS, and CISA or similar.
• Excellent verbal and written communications skills.
• Excellent problem solving, analytical and evaluative skills.
• Demonstrated ability to manage multiple priorities and projects.