Comporium is a diversified communications company providing a Quintuple Play of five servicesvoice, video, data, wireless and securityat the retail level; as well as, providing security monitoring and media services for its industry customers. Under this concept, the Comporium Group is uniquely positioned to offer customers a one-stop-shopping for all their communications needs.
SUMMARY
The primary purpose of this role is to participate in the development and ongoing delivery of Information Security (IS) tools and processes. This includes responsibility for executing and improving IS processes and procedures while assisting the rest of the team in securing our corporate assets.
This role addresses complex and interdependent issues that span technologies, business units and services, and drives continuous enhancement to tools and processes.
In addition, the position requires participation on project teams that deliver Information Security assignments and projects.
The individual in this role has a strong understanding of all tools and processes supported by the team, including the various integration points with other parts of Technology. The person works with a high level of independence and autonomy and assists other associates on the team.
RESPONSIBILITIES
- Experience with log aggregation and security event generation activities. Partner with IT support and infrastructure teams and assist with the management of endpoint agents. Triage security alerts and events generated by the continuous monitoring platform.
- Strong understanding of Information Security frameworks and activities: detecting, analyzing, and responding to various types of malicious activity.
- Assist the Incident Response (IR) team and perform digital forensics activities for all appropriate exploits and events. In addition, maintain a strong understanding of incident response activities: detecting, analyzing, and responding to various types of malicious activity.
- Intermediate knowledge of threat intelligence, threat hunting, attack surface management and investigations support functions. Perform quarterly vulnerability scans across all IT platforms, document critical and high gaps and communicate results.
- Participate in maintaining Cybersecurity information assurance policies, standards, awareness training, or equivalent issuances.
- Knowledgeable with Identity and Access Management (IAM) technology implementation and operations Perform user access audits in accordance with PCI DSS, NIST compliance requirements.
- Continue to keep abreast of the latest industry cybersecurity risks, trends, and advancements.
REQUIREMENTS
- Bachelor's Degree preferred or 2 years of related college and related work experience.
- Minimum of 3 years of experience in Information Security. Strong understanding of fundamental security and network concepts (Windows and Unix security: OS lockdown; logging and monitoring; application security; user access; perimeter protection principles, network communication rules; intrusion detection and analysis methods; etc.) Relevant Information Security certifications (e.g., CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP, GPen, SANs) IT experience in the telecommunication industry.
- Excellent competencies in planning, organization time management, written and oral communication and basic understanding of business operations.
- Ability to create accurate work plans and manage accordingly.
- Perform and deliver multiple tasks and assignments through proper time management techniques.
We firmly believe that our company is only as good as the people we employ. Join a company that values its employees and rewards them for a job well done!
Equal Opportunity Employer/Contractor