Security Specialist – Governance, SIEM & DLP (SOC)

At Philadelphia Company, we believe that technology should support and enhance your organization’s success, not constrain it. With our wide range of best-in-class services, we provide customized solutions that fit your unique IT needs. We’re committed to excelling at our job so you can focus on doing yours.

Summary

IT Security Sr. Specialist provides expertise in the evaluation, development, implementation, monitoring and maintenance of information security tools and technologies. Participates in day to day security operations and the security incident response process.

Essential Duties & Responsibilities

• Responsible for Data Leak Prevention (DLP) service. Actively monitors DLP system to reduce likelihood that confidential data is removed from “THE CLIENT”'s environment without authorization.
• Governance of security managed service providers.
• Provide governance for and expertise for the monitoring and management of Security information and event management (SIEM) system
• Must understand malware in both static and dynamic environments, understanding its capabilities, and the threat it poses. Must be able to provide guidance and mitigation strategies to protect against malware.
• Provide expertise on various security tools, including firewalls, Web Application firewalls, IDS/IDP, anti-malware software.
• Provide governance for and participate in the computer security incident response (CSIRT) process by ensuring that the process is being followed and documented. Respond to escalated security events and drive the security incident response process.
• Participate in the evaluation, development and implementation of security standards, procedures and guidelines for multiple platforms and diverse systems environments.
• Perform control reviews and account administration of critical information technology resources.
• Participate in vulnerability scans, penetration tests and ethical hacking tests that are conducted and manage results to remediation of issues found
• Will work with internal and external auditors to demonstrate and provide evidence for controls that are in place. May conduct additional testing to validate that items found during tests have been remediated.

Skills, Knowledge & Abilities

• Solid understanding of SIEM operations.
• Experience with the CSIRT process
• Experience with industry standard security technologies such as Firewalls, IDS, Anti-virus and DLP
• Knowledge of how to apply information security principles to secure platforms and prevent threats.
• Knowledge of regulations (i.e., SOX, privacy, etc.) and internal controls as they apply to IT.
• Ability to influence change in corporate understanding and adoption of information security concepts.
• Proven analytical and problem-solving skills.
• Experience in multiple operating system environments (windows, UNIX, etc.)
• Excellent communications and interpersonal skills and the ability to work effectively with peers, IT management and staff, and internal/external business partners/clients.
• Ability to manage various technical projects to completion.
• Preferred insurance industry knowledge.

Education & Experience

•    Bachelor's degree in Computer Science, or related discipline, or equivalent work experience.
•    Typically, a minimum of five years of technical experience in the security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination.
•    CISSP or equivalent certifications a plus

All your information will be kept confidential according to EEO guidelines.