Information Security Administrator

Finance and Business Operations

DESCRIPTION:  Information Security ensures that all of the systems used to design, build, and launch rockets faster, cheaper, and with better quality remain safe and secure.  From analysis and review of systems to monitoring our network, we work across the enterprise to maintain a secure and safe environment for our information, systems, network, and applications.
As a Security Administrator, you will be part of a small team that plays a crucial role in keeping our information safe and secure.  You will work with networking, systems, engineering, and development teams advising them on security topics and then helping review, test, and confirm implementations.  The Security Administrator will also work as part of a team on selection, configuration, and management of tools to improve security, automate testing, and verify compliance with standards
  • Review and evaluate through security audits all network, storage, server, and software security and provide recommendations to mitigate risks
  • Manage system updates, patches, and security configurations of all IT infrastructure
  • Manage corporate SSL certificates and SSH keys
  • Configure and maintain client security software including anti-virus, firewall, and full disk encryption
  • Monitor and maintain remote access infrastructure including SSL VPN, site-to-site IPSEC VPN, and remote desktop gateway servers
  • Define and enforce controlled access to corporate security zones including share and file system permissions, group membership, computer ownership, and physical characteristics such as location
  • Develop methods to test and validate implementation of requirements for new and existing applications and systems.
  • Monitor and maintain the security of routers, switches, firewalls, and other security related network devices
  • Monitor and maintain wireless (802.11) network security, including regular spectrum, rogue access point, and encryption protocol audits
  • Author and exercise a comprehensive information security incident response plan
  • Investigate security incidents, identify root, technical, contributing or organizational causes, and implement preventive actions
  • Promote awareness of information safety and security throughout the enterprise
  • Produce and maintain centralized threat intelligence systems to support regular audits of external and internal systems, and on-going monitoring of advanced persistent threats and remediation of non-persistent threats including virus outbreaks and compromised user accounts
  • Produce and maintain information security best-practices for IT staff and employees, and train employees on information security best-practices for traveling, mobile devices, and sharing information
  • Minimum of a bachelor’s degree in information systems security or equivalent
  • 10+ years of experience as a practicing information security administrator or equivalent position
  • CISSP certification or equivalent
  • Experience implementing security applications including installation, configuration, and automation of processes.
  • Strong analytical skills with a passion for driving decisions and change based on data.
  • Excellent written, verbal, and interpersonal communication skills
  • Ability to work independently and as part of a team of highly skilled IT systems administrators
  • U.S. citizen or permanent resident alien
  • Experience in resource management and performance appraisal
  • Budget forecasting, expenditure management, variance analysis
  • Experience in network or systems administration or software development
  • Strategic planning for technology growth
  • Preserving assets through defining disaster recovery and business continuity processes