Thinking of a Career in Emergency Management?
- BY Nicole Pelette
PURPOSE OF POSITION:
Individuals working as an IT Security Analyst II are responsible for working on security projects/issues for one or more functional areas (e.g., data, systems, network and/or Web) across the enterprise, develop security solutions for medium to complex assignments, work on multiple projects as a team member and lead systems-related security components. They provide expertise and assistance to all IT projects to ensure the company’s infrastructure and information assets are protected.
Individuals within the IT Security job family plan, execute, and manage multi-faceted projects related to compliance management, risk assessment and mitigation, control assurance, business continuity and disaster recovery, and user awareness. They are focused on developing and driving security strategies, policies/standards, ensuring the effectiveness of solutions, and providing security-focused consultative services to the organization.
Individuals develop, execute and manage data, system, network and internet security strategies and solutions within a business area and across the enterprise. They develop security policies and procedures such as user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines. To guide enforcement of security policies and procedures, they administer and monitor data security profiles on all platforms by reviewing security violation reports and investigating security exceptions. They update, maintain and document security controls and provide direct support to the business and internal IT groups. IT Security
professionals evaluate and recommend security products, services and/or procedures. They also communicate and educate IT and the business about security policies and industry standards, and provide solutions for enterprise/business security issues.
IT Security professionals require strong technical, analytical, communication and consulting skills with knowledge of IT Security and related technologies. Security certifications (i.e., Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manage (CISM), Global Information Assurance Certification (GIAC) and/or other certifications) may be required.
KNOWLEDGE, SKILLS & ABILITIES:
Preferred Skills, Knowledge and Experience: