Previous Job
IT Security Admin
Ref No.: 14-01637
Location: New York, New York
Experience Level: 5 Years
Position Summary:

Protects computer assets by establishing and enforcing system access controls; managing and monitoring compliance activities, maintaining disaster preparedness plans and testing.

Essential Functions: Maintain and update a comprehensive information security program which includes information security policies and methodologies for implementation .Administer and updates the overall policies, goals and procedures for compliance related information security functions.
.Initiates, implements and develops information security, records retention, and disaster recovery programs in accordance with NIST Cyber Security framework and organizational information security needs and best practices.
.Manages compliance related activities to document, schedule and collect documentation requests and procedural information to support audit and assessment activities, including SOX, PCI, and internal audit reviews.
.Manages user authentication, authorization and access controls for systems and applications .Provides input for the selection, management, and contract relationships with third party service providers for compliance related services.
.Evaluates information risk and potential vulnerabilities on a regular time schedule and promotes information security awareness through training and education.
.Coordinates with responsible stakeholders on all information security related activities, including password management, PCI, data management and data storage, electronic and otherwise.
.Document and assess risk levels and responds to incidents on information systems, including data networks, telecom networks, hosted applications, data center systems, and other data management assets.
.Consults and interfaces with network administrators, system administrators, desktop support staff, IT staff, solution developers, and non-IT departments on security issues and requirements.
.Continually develops processes and workflows for bringing new team members into systems, as well as ensuring departing team members are properly removed from systems.
.Delivers and updates information security education programs for stakeholders.
.Documents changes to systems and networks that impact security.
.Improves security efficiency, streamlines work processes and works collaboratively with IT department personnel to accomplish objectives.
.Performs other duties as assigned.

Other Functions:
.Information Security Policies, Informing Others, System Administration, Problem Solving, Process Improvement, Project Management, On-Call

.2-5 years in IT Security, IT Operations, or the relevant job experience required .Bachelor's degree from a four-year college or university, or equivalent required .Knowledge of IT control environment required. Experience with SOX and/or PCI compliance control sets.
.Knowledge of IT frameworks preferred

Knowledge, Skills and Abilities:
.Familiarity and knowledge of security administration best practices.
.Knowledge of data security including encryption, intrusion detection, firewalls, virus protection, etc.
.Understand the issues involved with managing, administering and maintaining technology infrastructure, including network connectivity, Internet access, wireless access, email, etc.
.Knowledge of frameworks including NIST Cyber Security framework, COSO, and COBIT .Knowledge of IT Security compliance requirements including PCI, Sarbanes-Oxley, and HIPAA.
.Knowledge of Microsoft Active Directory structure and administration .Must have superior communication skills, both orally and in writing, using the English language.
.Must have excellent customer skills.
.Ability to gather information from other IT staff and non-IT staff to obtain information regarding potentially related problems to network systems.
.Ability to research and recommend purchases of tools to maintain and improve information security systems.
.Ability to use office equipment, computers, and network diagnostic tools.
.Ability to competently advise and/or serve staff from a variety of backgrounds, respecting cultural and socio-economic differences.
.Ability to work cooperatively with and contribute to a diverse workplace through ideas or experience.