Information Security Specialist - Full Time
Posted on May 24, 2021 by West Virginia Network for Educational Telecomputing (WVNET)
Information Security Specialist
West Virginia Network for Educational Telecomputing (WVNET) connects K-12 schools, higher educational institutions, libraries, state and county government, and various not-for-profits to the Internet and the rest of the world through our state-of-the-art network and telecommunications expertise.
Our team of dedicated IT professionals provide guidance and training to educators and staff in higher education and K-12 schools. Our research and development of software, tools, and systems address problems and tackle challenges that are unique to West Virginia's public institutions and not-for-profits.
Job Title: Information Security Specialist (IT NC SYSTEMS ADMINISTRATOR)
Work Location: Morgantown, WV, 26505 (Required)
Classification: Salary, Non-Classified, Full-Time Benefits, FLSA Exempt
Salary: Starting annual salary range is $60,000 - $70,000. Additionally, WVNET offers excellent state government benefits, including comprehensive health insurance coverage, retirement investing, and life insurance plans as well as generous amounts of vacation, sick, and holiday leave.
Application Deadline: Open Until Filled
Minimum Education & Experience
- Required: Bachelor's degree in computer science, information system, information assurance, cyber security, or a technology-related field.
- Preferred: Master's degree in the same fields of study.
- 5 years - Experience working as an IT technical specialist in networking, systems operations, or similar department of a large IT organization.
- Experience working as an IT technical specialist in networking, systems operations, or similar department of a large IT organization.
- 2 years - Experience working in an information security role or department.
- Preferred: Experience working in higher education.
- Preferred: Professional security certification (eg, CISSP, CISM/A).
This position is responsible for the day-to-day management, monitoring, and maintenance of WVNET's infrastructure environment, analysing and responding to events as necessary. Must be able to utilize multiple tools to monitor, analyze and respond to infrastructure threats while working across the organization with multiple parties. Provides security expertise in support of the enterprise as it relates to IT network security, security monitoring, and security awareness. Ensures organizational compliance with security policies, standards, and processes. Assists management in the development and implementation of policies and procedures for monitoring, assessment, analysis, and response.
Job Duties & Responsibilities
Information Security Operations
- Participates in incident response activities, including readiness activities and table-top exercises.
- Monitors for and coordinates response to vulnerabilities in the agency's on-premise and cloud environments.
- Responsible for developing and implementing a comprehensive information security program and prioritized roadmap
- Conducts or coordinates periodic vulnerability scan and penetration tests
- Executes on incident response plans, identifies root causes, and drives mitigations to prevent future occurrences
- Champions projects that improve security and incident response capabilities
- Responsible for security event monitoring, management, and response utilizing SEIM toolsets
- Works horizontally across the organization to provide highly reliable, secure, and cost-effective network security services
Policy and Compliance
- Leads the implementation of security controls, practices, and policies through collaboration with other WVNET technical staff.
- Assists in risk assessments and gap analysis for compliance to various policies and regulations, including, but not limited to FERPA, HIPAA, PCI, and internal policies.
- Regularly reviews and recommends updates to internal information security policy and procedures.
- Oversees the development and delivery of a security awareness training program in coordination with the Manager of Systems and Operations
- Develops training related to cybersecurity standards, penetration testing, vulnerability assessments, and accreditation and certification.
- Engages and educates customers on information security threats and best practices to manage risk.
- Maintains a current understanding of the IT threat landscape for the industry
- Keeps current with new or evolving information technology
- Ensure reliable operation of the Linux and Windows operating system for all WVNET maintained systems.
- Assist additional WVNET groups with applications configuration and troubleshooting. This includes but is not limited to applications related to Banner and Web Development.
Knowledge, Skills, And Abilities (KSAs)
- Strong technical and operational knowledge of general security concepts and methods. (vulnerability assessments, privacy assessments, intrusion detection, incident response)
- A strong understanding of information security regulatory requirements and compliance issues.
- Experience with vulnerability scanning and security management platforms.
- Familiarity with common security and privacy legislation and regulations (eg, PCIDSS, FERPA, HIPAA).
- Familiarity with security standards (eg, NIST, ISO, COBIT).
- Excellent analytical, troubleshooting and interpersonal skills.
- Excellent verbal and written communication skills.
Equal Opportunity/Affirmative Action Employer/Veterans/Disabled
The West Virginia Network for Educational Telecomputing (WVNET) is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, or protected veteran status and will not be discriminated against on the basis of disability. WVNET provides a collegial, respectful and inclusive environment that values the diversity, creativity and contributions of its staff.