- BA or BS in Computer Science, Management Information Systems, or related field
- 5-10 years of progressive experience in computing and information security, including experience with Internet technology and security issues
- Strong experience with a broad range of security technologies, including (but not limited to): NAC/NAP, IDS/IPS, SIEM, NIDS, Endpoint Protection & Anti-Malware, Multi-Factor Authentication, Data Loss Prevention, Certificate Management and firewalls
- Experience should include security policy development, security education, penetration testing, application vulnerability assessments, risk analysis and compliance testing.
- Knowledge of information security standards (e.g., ISO 27001/27002, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, etc.)
- Strong experience with architecting and deploying technical security solutions in the context of business needs; Understanding compromise between security needs and business needs
- Knowledge of desktop, server, application, database, network security principles for risk identification and analysis
- Strong analytical and problem solving skills
- Excellent communication (oral, written, presentation), interpersonal and consultative skills
- Some experience with Windows, Linux/UNIX, storage solutions, databases (including Oracle, MySQL and MS SQL), backup solutions
- Some experience with cloud security policies and procedures
- Some experience in driving security awareness into a global organization
- Some experience with digital forensics, chain of custody, etc.
Security Operations and Engineering