JPC is looking for a Senior Information Security Specialist that will improve existing defenses and implement new ones. The main responsibility of this role is to improve and develop our client’s cyber security defenses and security culture overall. Core Responsibilities:
Information Security Strategy: Select and support the implementation of a suitable security framework across the organization.
Security Culture: You will be the primary point of contact for security-related inquiries and concerns. You will foster a culture of security awareness, including appointing and supporting other security champions across the organization.
Security Operations Management: Manage day-to-day interactions and escalations with our 3rd party 24/7 SOC provider.
External Threat Oversight and Mitigation: Perform regular vulnerability assessments and remediation of the external surface. Work with the network team to guide them in order to ensure we leverage the threat detection and prevention capabilities of edge devices like firewalls.
Threat Intelligence Management: Act as the organization's primary source of knowledge about emerging threats, including new ransomware campaigns. Share critical information with management and relevant departments to ensure the company can stay proactive in its response to new threats.
Log Management and Detection Capability Expansion: Investigate, recommend, and implement SIEM or XDR solutions, either in-house or through external providers to improve detection and response.
Incident Response Leadership: Lead the planning and execution of incident response and postmortem exercises. Establish measurable benchmarks to monitor progress and identify areas requiring additional focus.
6+ years of experience directly involving Security Engineering work OR a Bachelor’s degree and 3 years of experience involving Security Engineering work (e.g., information systems, computer science, information security, threat intelligence, application security, incident response, etc.).
Prior tactical and strategic experience in leading Information Security initiatives and projects.
Prior experience leading or being part of a team that has successfully lead an organization through a data breach.
Holding or working towards a relevant professional certification such as CISSP, CISM, or CompTIA Security+ highly desired.
Familiarity with security frameworks such as NIST Cyber Security, ISO 27001, or CIS.
Experience with any of the following: Fortinet: firewalls and EDR. Palo Alto Networks firewalls and VPN, Barracuda Email Security Gateway
Direct responsibility for one or more of the following: Penetration testing, Forensics and incident response, Security controls gap analysis, Security administration or Network defense
Experience working with and securing multiple computing platforms (Windows, Linux, etc.)
Programming and scripting knowledge, at a level where you are comfortable automating and scripting tasks to speed up your work.
Exceptional documentation and communications skills.