Title: Cyber Security Specialist Location: Hybrid Chicago Salary: $105-120K No sponsorship and No relocation Background check required JOB SUMMARY: Responsible for defending the organization from cyber security threats and risks facing any organizational asset or business function, while pro-actively monitoring the environment and enforcing security standards and procedures. Recommends changes to the organization's technology infrastructure, software, equipment, or business practices to mitigate security risks. Responsible for leading the response to any incident involving security concerns, threats or data breaches. ESSENTIAL FUNCTIONS:
- Security Systems Management and Administration (20%)
- Defend and protect the organization's systems from unauthorized access, modification or destruction
- Responsible for hands-on operation and management of critical security systems including:
- The vulnerability management system: ensuring systems across the organization are adequately patched and free from security vulnerabilities.
- The organization's security training system: ensuring the organization is sufficiently trained against security threats
- Perform investigation and eradication of infected systems or other compromise(s) including malware and viruses
- The Security Information and Event Management system; ensuring systems across the organization are sufficiently logging security activities
- The password management system: ensuring the organization is maintaining best practices in password management
- The intellectual property and dark web scanning systems: protecting the organization's key intellectual property from breach or unauthorized disclosure
- The Data Loss Protection (DLP) system; working with teams across the organization to address related incidents
- Monitoring, Reporting, and Script Development (20%)
- Actively monitor day-to-day security alerts/notifications and work with the respective team(s) responsible for the system to address the issue(s)
- Develop scripts in various systems to automate security tasks, create rules, and identify suspicious security activity
- Create and maintain alerts/notifications to notify the cybersecurity team of concerns including (but not limited to): network equipment, firewall, intrusion detection system, web application firewall, endpoint protection, data-loss protection, anti-virus, web filter, server logs, cloud infrastructure, and applications
- Actively monitor security bulletins and security industry developments
- Report and log security incidents
- Manage, monitor, and evolve key cybersecurity KPIs for the organization
- Create security reports and presentations for management
- Scanning & Testing (15%)
- Perform regular vulnerability scans of the organization's internal infrastructure, external facing websites, and third-party service provider systems
- Lead security penetration testing projects and validate results from external vendors
- Develop scripts to automate scanning activities and validate test results
- Perform quarterly PCI scans and work with internal and external stakeholders to resolve exceptions
- Research and Development (10%)
- Evaluate and recommend tools to help mitigate security threats
- Maintain current knowledge of trends in the security industry
- Training (10%)
- Lead the training for new staff on security policies and procedures
- Regularly alert staff to security concerns and best practices reminders
- Develop and lead annual security awareness training for all staff, contractors and volunteers
- Maintain the organization's security training material
- Maintain active (or pursue) Comp TIA Security + certification or equivalent, including required continuing education requirements
- Incident Response (10%)
- Coordinate the organization's incident response team in the event of a security incident
- Lead efforts for containment, eradication and recovery following any security incident in accordance with the organization's incident response plan
- Maintain the organization's incident response plan
- Administration and Documentation (15%)
- Develop and manage project plans for assigned projects
- Maintain and regularly update the organization-wide security policies and Information Security Plan
- Manage vendor relationships with key security vendors
- Review security related portions of vendor contracts
- Ensure organization is adhering to the security requirements of applicable data protection regulations including GDPR, CCPA, and PIPL
- This position requires occasional emergency after hours support
EDUCATION AND EXPERIENCE REQUIRED (an equivalent amount of training, education and experience will be considered)
- Bachelor's degree in Computer Information Systems, Computer Science, or related field is required
- 5-10 years of experience in the information technology services industry is required, including at least 3 years in a security-related role, and at least 3 years in a system and/or network administrator role
- Active (or currently pursuing) Comp TIA Security + security credential or equivalent
- Hands-on technical expertise is required
KNOWLEDGE, SKILLS AND ABILITIES including competencies that may be representative but not all inclusive of those commonly associated with this position.
- A deep understanding of security concepts and best practices
- OWASP
- Hacking techniques
- Social engineering
- Cyber attack techniques
- Encryption algorithms and ciphers
- Penetration testing
- Malware and computer viruses
- Security Information & Event Management systems (SEIM)
- Data Loss Protection
- A solid understanding of a variety of protocols and technologies
- TCP/IP
- HTTP
- Telnet
- HTML
- DNS
- Programming/Scripting
- Authentication protocols
- PCI, GDPR, CCPA, and PIPL awareness
- A solid understanding of the following technologies and concepts
- Software development
- Computer software
- Server administration
- Network administration
- Microsoft 365 administration
- Telecommunications
- Networking
- The internet
- Business continuity
- Mobile computing
- Ability to develop and execute project plans
- Ability to manage projects with multiple vendors
- Ability to work with sensitive and highly confidential information
- Ability to communicate effectively with people and other departments
- Knowledge of policy and ability to apply that to unique situations
- Ability to make objective decisions using sound judgment