The Senior Security Administrator position is a hands-on security controls administrator role that requires technical experience in security product administration and cyber threat analysis, and an inquisitive desire to investigate security-related anomalies. This person is responsible for a broad range of tasks, including the day-to-day administration of security devices, cyber alert response, and hunting, analyzing, and solving security-related challenges. This position will be responsible for administering firewalls, proxies, IPS, and other security controls, along with developing the threat analysis process. The ability to work and solve problems with other IT teams is essential, along with strong communication skills for taking complex problems and collaborating with others to develop solutions.
Responsibilities & Tasks:
Respond to and, where appropriate, resolve or escalate reported security incidents.
Monitor system logs, SIEM tools, and network traffic for unusual or suspicious activity.
Interprets such activity and makes recommendations for resolution.
Investigates and resolves security violations, with postmortem analysis to illuminate issues and solutions.
Prioritizes change tickets, provides risk adjusted responses, and applies configuration changes.
Researches threats, vulnerabilities, and security controls configurations.
Takes action to mitigate threats and remediate, through security control configuration changes.
Performs system security administration on designated technology platforms.
Administers operating systems, applications, and network security devices.
Complies with defined policies, standards, and procedures of the organization, as well as with industry best practices and vendor guidelines.
Collects security appliance status and control statistics to produce exception/management reports.
Assists/trains on security tools, security report preparation, and security issue resolution.
Develops and maintains documentation for security systems and procedures.
Researches, recommends, evaluates, and implements information security solutions that identify and protect against potential threats and respond to security violations.
Analyzes information from security systems to solve configuration issues and security incidents.
Investigates firewall- and proxy-related issues in response to network connectivity problems, reported issues, and customer access requests.
Investigates security-related events, using standard network and host forensic tools and processes, to fully understand the impact of an event or incident.
Prioritizes change tickets, provides risk adjusted responses, and applies configuration changes through the change process.
Processes and documents events during the entire ticket lifecycle from detection to remediation.
Acts as a member of the incident response team, with particular focus on security control-related failures or incidents.
Enforces adherence to and implementation of IT security policies, IT security standards, and guidelines.
Documents processes for IT security operations.
Searches the Encompass Health enterprise for security threats that are not detected by current security controls.
Implements change control tasks within Encompass Health information security infrastructure.
Works with other teams in the enterprise to investigate appropriate solutions for security issues.
Works with developers in ensuring new applications adhere to approved security policies.
*This is an in-office position at our Home Office in Birmingham, AL.
License or Certification:
Security+, Networking+, CISSP, or GIAC certifications recommended
Associate’s degree or Bachelor’s degree related to computer science or information security recommended
Minimum 5 years of IT security administration experience required
Minimum 7 years of total networking, security, or system administration experience required
Experience with one or more of the following:
o TCP/IP problem solving
o Firewall administration
o Web proxies
o Network traffic analysis techniques
o IDS/IPS technologies
o Windows Event Log analysis
o SIEM log analysis
o Cyber threat hunting
o PCAP analysis
o Windows system administration
o Unix system administration
o Administration of routing and switching technologies