*Can be located in Northbrook, IL; Charlotte, NC; Hudson, OH and Irving, TX*
The Company Protection team provides capabilities associated with network, application, and infrastructure security controls and apply this knowledge to evaluate, test, and rate the effectiveness of these controls within the environment. Individuals in this space review and assess the potential risk of new industry threats, as well as implement and manage technologies capable of averting, detecting, investigating, and/or eliminating those threats. Individuals in this may liaison with other organizations to help with the collection and management of security data required for legal or investigatory purposes. This position may also identify and analyze business practice irregularities including various information seeking violations and infractions and evaluate potential damages or recommend cost-effective measures to prevent recurrences.
The Protection Sr. Consultant executes processes and leverages technologies to ensure protection against current and emerging threats. Individuals at this level administer and configure technologies and leverage processes to help manage issues that threaten the Security of the Company environment.
Participate in multiple activities associated with complex technologies and processes designed to protect Company from current and/or emerging threats: research, investigation, testing, evaluation, design, implementation, configuration, documentation, and/or operations.
Partner with Architecture on activities associated with technologies and or processes that impact our ability to manage or investigate security risks.
Conduct risk analysis and/or risk assessments both inside and outside the company (examples include physical threats, Internet attacks, malicious code attacks, national security issues and compliance with regulations) and provide recommendations and/or mitigation strategies to management.
Communicate with peers, partnering technology areas, and direct leadership to help ensure appropriate understanding of current and/or emerging threats, along with steps that can be taken to manage those threats, along with steps that can be taken to manage those threats
Help drive the planning and delivery of technologies implemented to detect, avert, investigate, and/or eliminate threats to the security of the Company environment.
Drive the review and resolution of security incidents that impact the confidentiality, integrity, or availability of Company systems.
Drive efforts to analyze business impact and exposure based on emerging security threats, vulnerabilities, and risks.
Review, recommend, and approve major changes, and communicate critical changes for supported technologies and processes.
Perform forensic activities, including HR driven investigations, legal driven ediscovery, and digital review/evidence collection for compromised systems.
Develops implementation and verification procedures to ensure successful installation of security systems designed to help detect or mitigate risk within the Company environment (including functionality, integrity, and stress testing; test matrices; and definition of test methodologies and strategy).
Lead efforts to ensure plans integrate effectively with other technologies deployed to detect and manage security events within the Company environment.
Document incident resolution and posts to appropriate logs/knowledge base for future reference. Responds to incidents/calls, determines severity, and takes action within the specified service level for rapid response support.
Resolves complex incidents and escalates highly complex incidents and problems.
Education: College Degree or equivalent work experience; 5+ years work experience in security or risk management, networking, or related technology based role.
Proficient with Unix administrations and supporting applications in a Unix environment.
Certifications in area of specialty a plus.