The Security Administrator/Analyst performs advanced technical support for the enterprise information security program. Under the direction of the BCH Oakland IT Security Manager, this position will assist with the planning, implementation, maintenance, and operation of the security systems responsible for monitoring, detecting and protecting the BCH Oakland IT environment. The Administrator ensures the continued operations of BCH Oakland IT systems in the event of an IT security event and expeditiously performs the necessary actions to limit impacts of a successful data breach.
Essential Functions:
- Security Operations Management
- Assists in the daily monitoring of security systems (Endpoint Security Consoles, Managed Detection and Response Service Provider, and SIEM) for security events that require prioritization and mitigation actions.
- Verifies daily that all the security systems and applications monitoring the enterprise are fully operational.
- Ensures that applications (Tenable Security Center/Nessus) are performing scheduled scanning and reporting to support the BCH Oakland vulnerability management program. Performs ad hoc scanning upon request.
- Evaluates, reviews and approves changes that impact systems or environment security controls.
- Incident Response Handling
- Analyzes security alerts reported by enterprise information security system consoles and/or email notifications to determine the severity of the security event and whether immediate actions are required.
- Performs the actions as defined in the BCH Oakland Incident Response Runbooks based upon the security event type.
- Reports on security events in accordance with BCH Oakland Incident Response Plan.
- Conducts forensic reviews based upon Indicators of Compromise of an event from endpoint security products, managed detection and related security monitoring systems.
- Administration of Security Monitoring Systems
- Reviews vendor documentation (installation guides, admin guides, release notes) to ensure compatibility and applicability to the BCH Oakland IT environment. Functions as a SME for dissemination of information to ITFS, Network, Desktop Engineering teams.
- Performs systems maintenance to include Policy Development, OS, and Software updates on Enterprise Security Systems.
- Policies and Procedures Development:
- Assists in the development of BCH Oakland IT Security Policies and Procedures.
- Assists department in the development of departmental policies to ensure security compliance at the micro level.
- Develops procedures and/or artifacts in response to Internal Audit Findings and/or 3rd Party Risk Assessment.
- Other duties as assigned.
People Leadership Responsibilities: This role does not have any formal people leadership responsibilities, but the incumbent may be expected to train or mentor new or more junior colleagues.
Financial Responsibilities: N/A
Technical Knowledge:
- Strong knowledge of computer networking, how network devices function, and their capabilities.
- General knowledge and experience with Active Directory, DNS, DHCP, Exchange, File & Print Services, etc.
- Strong knowledge of office productivity applications including Excel, Visio, and other Microsoft Office and 3rd party applications.
- Network monitoring tools from vendors such as FireEye/Trellix, Tenable, Medigate, etc.
- Cisco - Understanding of networking concepts using Cisco datacenter products
- Microsoft - Knowledge of Desktop and Server OS, Active Directory
Minimum Education: Associate Degree (AS) in Computer related programs or equivalent work experience.
Minimum Experience: 5 years' experience in an IT support role, to include IT Security support.
Physical Requirements:
Sit: Up to 8 hours/day
Stand/Walk: Up to 6 hours
Bend/Stoop: Up to 6 hours
Reach: Up to 6 hours
Rep Use of UE/Grasp: Up to 8 hrs
Lift/Push/Pull: 25 lbs, over 25# with assistance or equipment
This job requires the ability to hear alarms, clients and/or instruction, and the ability to see accurately from 20 inches to 20 ft. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position.