
Security Operations Specialist Lead

Full Time

Website Les Schwab

POSITION SUMMARY:

The Security Operations Specialist Lead is responsible for safeguarding assets, data, and operations against cybersecurity threats, adhering to established protocols and procedures while proactively identifying and mitigating risks. Performs routine-level security operations tasks with minimal supervision, under the direction and guidance of the Information Security Officer.

PRIMARY RESPONSIBILITIES:

35% – Work closely with various departments and teams to assess cybersecurity risks and collaborate on remediation and improvement strategies.

  • Conduct assessments to identify and prioritize cybersecurity risks within production applications and environments throughout the enterprise.
  • Review and provide recommendations for security controls, including access lists, encryption, network segmentation, and security configurations.
  • Manage security assessment tools.
  • Drive continuous improvement of cybersecurity assessment processes and tools.

35% – Respond to security events and alerts.

  • Monitor security event logs and alerts from various sources including security monitoring tools, third parties, network devices, servers, and endpoints.
  • Manage and maintain security monitoring tools and drive continuous improvement of cybersecurity monitoring processes.
  • Support incident response efforts, including containment, eradication, and recovery, in the event of a cybersecurity incident.
  • Facilitate swift recovery from cybersecurity incidents and minimize disruption to business operations.

20% – Support compliance with industry standards and regulatory requirements.

  • Assist with auditing and maintaining organizational compliance requirements.
  • Work with third parties to facilitate audits and communicate reports to departments that require remediation.

10% – Support Information Technology.

  • Support new information technology initiatives by providing cybersecurity guidance.
  • Initiate and participate in emergency meetings and actions to resolve major outages of server, networking, or telecommunications systems.

EDUCATION & SKILLS REQUIRED:

Educational/Experience Requirements:

  • Four-year degree in a related field (security, network, or application), OR a minimum of 8 years of experience in an information technology role may be substituted.
  • At least 4-5 years of progressively responsible experience in cybersecurity roles, with a focus on areas such as network security, information security, security operations, or incident response.
  • Cybersecurity industry certifications are preferred: Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), Internal Security Assessor (ISA – PCI).
  • If a candidate lacks a certification at the time of application, they may commit to obtaining one within the first year of employment. This demonstrates a willingness to invest in professional development and align with industry standards.

Required Technical Skills/Knowledge:

  • Network Security: Understanding of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and network architecture.
  • Operating Systems: Proficiency in various operating systems (e.g., Windows, Linux, Unix) to assess security vulnerabilities and configure security settings.
  • Cloud Security: Knowledge of cloud computing platforms (e.g., AWS, Azure, Google Cloud) and how to secure cloud-based infrastructure, applications, and data.
  • Encryption and Cryptography: Understanding of encryption algorithms, cryptographic protocols, digital signatures, SSL/TLS, and PKI.
  • Web Application Security: Familiarity with common web application vulnerabilities (e.g., OWASP Top 10), secure coding practices, and web application firewalls (WAFs).
  • Security Assessment and Penetration Testing: Experience in conducting security assessments, vulnerability assessments, penetration testing, and ethical hacking to identify and remediate security weaknesses.
  • Security Information and Event Management (SIEM): Proficiency in using SIEM tools to collect, analyze, and correlate security event data for threat detection and incident response.
  • Endpoint Security: Knowledge of endpoint protection solutions, Endpoint Detection and Response (EDR/XDR), and endpoint security best practices.
  • Identity and Access Management (IAM): Understanding of IAM concepts, identity governance, authentication mechanisms, access control models, single sign-on (SSO), and privilege management.
  • Incident Response and Forensics: Experience in incident response procedures, digital forensics techniques, evidence collection, and analysis of security incidents.
  • Security Compliance and Regulations: Familiarity with industry standards (e.g., ISO 27001, NIST), regulatory requirements (e.g., PCI, CCPA), and compliance frameworks.
  • Security Architecture and Design: Ability to design and implement secure systems, networks, and applications, considering security principles and best practices.
  • Threat Intelligence: Knowledge of threat actors, malware analysis techniques, threat hunting methodologies, and leveraging threat intelligence feeds.
  • Risk Management: Understanding of risk assessment methodologies, risk mitigation strategies, and how to prioritize security efforts based on risk analysis.
  • Communication and Collaboration: Effective communication skills to convey complex security concepts to non-technical stakeholders, collaborate with cross-functional teams, and provide security awareness training.

BENEFITS:

  • Annual profit-sharing bonus
  • FREE medical healthcare option for employees
  • Company-funded retirement plan – no cost to employee
  • Paid holidays
  • Paid time off
  • Hybrid arrangements available (3-4 days in office, 1-2 days from home)
  • Tuition Assistance
  • Employee discount

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions/primary responsibilities. This job description is not all inclusive and is subject to change. Additional duties and tasks may be assigned, as necessary. Employment remains “AT WILL” at all times.

To apply for this job please visit lesschwab.wd1.myworkdayjobs.com.
