POSITION SUMMARY: Monitors, evaluates, and maintains systems and procedures to protect the data systems and databases from unauthorized users. Identifies potential threats and responds to reported security violations. RESPONSIBILTIES: Establishes and manages security perimeters, firewalls, intrusion detection and prevention systems, virus protection and detection systems, and endpoint security. Installs, configures, maintains, and documents network hardware and software information security products at multiple sites as required to implement projects. Develops the various reports and completes the forms required to capture the security related status of a system. This includes, but is not limited to developing incident reports, vulnerability assessment and standard configuration reports. Responds to security incidents and events by conducting investigations and generating final reports. Conducts internal and external network security scans and assessments; performs manual penetration testing and documents test results. Works with operations and software development teams on remediation requirements. Works with application development teams and releases engineering teams to integrate strong security controls into software development lifecycle. Reviews and makes changes to firewall rule sets. Monitors security websites, vendor alert mailing lists, and other information channels to evaluate emerging exploits. Works with Operations team to schedule patching or other remediation efforts. Provides application and network vulnerability assessments. Evaluates and assesses compliance with established information assurance policies and regulations. Conducts and documents risk and threat assessments. May make recommendations implementing countermeasures, prepares required documentation for and coordinate with senior engineers. Implements test plans and vulnerability reports. Keeps abreast of emerging security technologies and make appropriate recommendations regarding their implementation. Performs a series of technical assessments and tests, including penetration testing, with multiple security tools on networks, communication systems, applications, operating systems, servers, personal computers, and other IT related peripherals, devices or software for technical vulnerability and risk assessment. Researches, recommends, and implements changes to procedures to protect data from future violations. Participates in projects as technical expert to ensure timely implementation or delivery of critical information security infrastructure. Communicates both verbally and in writing in a professional manner. Assists in educating users on security procedures. EDUCATION & EXPERIENCE: - Typically requires a bachelor‘s degree or equivalent and five to seven years of related work experience. - Security+ Required PHYSICAL DEMANDS: Normal demands associated with an office environment. Ability to work on computer for long periods, and communicate with individuals by telephone, email and face to face. Some travel may be required.