Information Security and Systems Specialist

Position Summary:

The Information Security and Systems Specialist provides best practice recommendations and continued guidance in the development, implementation, and adherence of security policies, processes, and standards for St. George’s School. Proficient in a vast variety of technologies, the appropriate candidate must be a quick thinker, capable of managing several projects simultaneously. Efficient in troubleshooting while boasting exemplary customer service and communication skills, the Information Security and Systems Specialist is responsible for the institution’s business continuity and disaster recovery plans, in addition to reactionary measures in the event of a breach. He or she must be patient, diplomatic, and able to gracefully work across all departments. The candidate will assist in audit procedures, risk assessment, cyber insurance, and data center administration, in addition to network and telecom initiatives, where appropriate.

Responsibilities:

• Support daily security operations to minimize the vulnerability of school systems, solutions, and users.
• Assist in the definition and development of department policies, standards, procedures and process workflows.
• Evaluate applications and systems to ensure security requirements are met prior to adoption.
• Participate in the coordination and implementation of security standards for institution system deployments and projects.
• Coordinate tabletop exercises with critical stakeholders to appropriately address business continuity concerns.
• Lead risk analysis and risk assessment activities to support regulatory requirements related to academic, health, financial, etc.
• Guide the technology team and applicable departments in meeting annual audit requirements.
• Recommend and provide framework for institution cyber insurance policy.
• Perform annual Payment Card Industry review of applicable departments, systems, and processes.
• Support development of corrective action plans to address control deficiencies.
• Complete and maintain living documentation for disaster recovery and business continuity protocols.
• Manage security training initiatives for end users, including but not limited to virtual training campaigns, presentations, and simulations.
• Work with lead stakeholders across all appropriate departments to ensure the secure access and handling of school data.
• Monitor critical data center and cloud solution back-ups and address improvements, as needed.
• Review and identify areas of concern in system logs from applicable systems such as firewalls, spam filters, monitoring solutions, etc.
• Identify and document current or potential security problems and their resolutions.
• Collaborate with IS Manager, as needed, regarding system configurations and modifications.
• Lead relationship with external managed security services team.
• Maintain endpoint encryption solution for designated user-base.
• Administer and support email encryption solution for select group of users who frequently manage PII or other sensitive information.
• Provide periodic updates, reports, and recommendations of best practice security and controls, risk assessment, and risk remediation strategies.
• Source outside consultants/vendors to plan security enhancements.
• Maintain internal server infrastructure TLS certificates, SAML certificates, and third-party API integrations.
• Anticipate potential security vulnerabilities and help develop strategies/plans to minimize or avoid their impact on the school.
• Attend conferences, seminars, and the appropriate training to maintain current best practices, standards, and knowledge. Some travel required.
• Maintain the data center in the absence of the IS Manager.
• Provide after-hours support as needed.
• Perform other duties as required by the IS Manager.

Skills/Qualifications:

• Bachelor’s Degree in Computer Science or Information Security; Master’s preferred.
• Minimum 5 years systems support experience.
• Demonstrated knowledge in cyber threat intelligence lifecycle, attack techniques, threat vectors, risk management, and incident management.
• Experience with Sophos Central synchronized security platform.
• Microsoft Active Directory.
• Understanding of Trustwave file integrity monitoring.
• Experience with Virtru email encryption.
• Knowledge of Cisco Umbrella.
• Understanding of Backupify.
• Experience with Arctic Wolf managed security services.
• Expert in Datto SIRIS.
• KnowBe4 Security Awareness tools experience.
• Familiarity with JAMF MDM and Symantec Ghost.
• Understanding of spam filters, web filters, and firewalls.
• Experience with Cisco and Aruba wired and wireless solutions.
• Security certification preferred.
• A certification preferred.
• Network certifications preferred.
• Microsoft certifications preferred.
• Apple ACMT certification preferred.
• Excellent troubleshooting, interpersonal, and communications skills.
• Strong customer-facing service experience, offering kind and patient client support.
• Ability to work with colleagues and clients on a variety of learning curves.
• Productive and flexible; able to contribute in a team environment.
• Able to multitask, self-manage, set and meet deadlines.
• Approaches challenges with a positive attitude and levity.
• Desire to work in a dynamic, fast-paced, academic climate.
• Candidate must pass a nationwide criminal record check.
• Must be able to read, write, speak, and understand English fluently.

Physical Requirements:

• Must be able to lift equipment and packages up to 75 lbs.
• Must be able to bend, stoop, kneel, climb stairs/ladders, and use hand tools.

DISCLAIMER:

THE ABOVE STATEMENTS ARE INTENDED TO DESCRIBE THE GENERAL NATURE AND LEVEL OF WORK BEING PERFORMED BY EMPLOYEES ASSIGNED TO THIS JOB. THEY ARE NOT INTENDED TO BE AN EXHAUSTIVE LIST OF ALL RESPONSIBILITIES AND DUTIES REQUIRED OF PERSONNEL SO CLASSIFIED.

Job Type: Full-time

Benefits:

• Dental insurance
• Employee assistance program
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Retirement plan
• Vision insurance

Schedule:

• Monday to Friday
• Weekends as needed

Ability to Relocate:

• Middletown, RI 02842: Relocate before starting work (Required)

Work Location: In person