IT Security Audit Specialist

Creates, maintains, and manages all security polices, standards, and processes for the company.

• Review and recommend changes and updates to processes to ensure compliance with state and federal

regulations.

• Responsible for managing and responding to both internal and external audit requests.

• Assess and create a comprehensive security vendor review process to ensure 3rd party compliance.

• Manage and conduct Security Awareness training for both employees and Advisor offices.

• Responsible for Phish testing and remediation training.

• Assists in creating and maintaining the overall threat and risk rating for the company.

• Creates cybersecurity content for both internal and external purposes.

• Monitor and resolve security ticket queue.

• Responds to reported security violations and assists in Company-wide security awareness.

• Provide security support for the TechAssist program.

• Requirement to respond to, troubleshoot, and fix security incidents on a 24x7 on-call basis including late-night change windows.

• Performs additional tasks as they apply to specific areas of responsibility.

• Provides level III user support that at times includes working non-scheduled hours

Requirements

Bachelor’s degree in computer related field and/or equivalent job experience.

• 5+ years experience creating and managing policies and procedures.

• 5+ years experience with security-based devices and software.

• 5+ years experience supporting varied infrastructure, networks, and protocols.

• Ability to work independently and as a team to ensure success.

• Ability to communicate with customers, co-workers, and various business contacts in a courteous and

professional manner.

• Ability to organize, prioritize, and handle multiple tasks.

• Ability to pay close attention to detail.

• Knowledge of security devices and technologies such as: firewalls, intrusion detection systems, EDR &

XDR systems, penetration & vulnerability scanning, malware management systems, email filters,

encryption technology, and internet technologies

• Knowledge of Cloud security: Active Directory, WAFs, Cloud hardening.

• Knowledge of multiple protocols such as: TCP/IP, TCP, UDP, and well-known ports on each.

• Knowledge of multiple operating systems such as: Windows, Linux/Unix, and Apple.

• Knowledge of routers, switches, intranets, and VPN configuration/implementation

• Excellent oral and written communications skills

• Ability to be at work on a regular basis to support normal business hours.

• Available for 24/7/365 support of security situations.

DESIRED EDUCATION, SKILLS, AND EXPERIENCE:

• Security Certifications

• Shared service security model

• Policy management and creation