|
• Perform user and access administration on designated systems and applications, in accordance with the defined policies, standards and procedures
• Perform system security administration on designated technology platforms, including operating systems, applications and network security devices, in accordance with the defined policies, standards and procedures o, as well as with industry best practices and vendor guidelines.
• Perform installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems.
• Perform threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities.
• Locate and repair security problems and failures.
• Collate security incident and event data to produce monthly exception and management reports.
• Perform normal and exceptional processing of user access and change requests, escalating such requests when appropriate.
• Report unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes.
• Assist and train junior team members in the use of security tools, the preparation of security reports and the resolution of security issues.
• Develop and maintain documentation for security systems and procedures.
• Research, recommend, evaluate and implement information security solutions that identify and/or protect against potential threats, and respond to security violations.
• Provide guidance to junior members of the team.
Academic/Experience/Competency
BA/BS in Information Technology, Computer Science, or related field or equivalent work experience.
5 to 7 years of combined IT and security work experience with a broad range of exposure to systems analysis, applications development, database design and administration;
• Understanding of in security subjects
• Knowledge of security policies and interprets policies
• Understanding of a specific security application or tool and how it works
• Ability to assess security safeguards
• Ability to deal with threats and intermediate level incidents
• Ability to deal with intrusions at a moderate threat level
• Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management.
• Technical proficiency with security-related systems and applications, especially:
• Experience in developing, documenting and maintaining security procedures.
• Knowledge of network infrastructure, including routers, switches, firewalls, and associated network protocols and concepts.
• Working technical knowledge of current systems' software, protocols and standards.
• Strong knowledge of TCP/IP and network administration/protocols.
Tasks completed on a daily, weekly, monthly or annual basis, project assigned
• Windows and AD problem / incident / change / request tickets from ITSM
• Act as an escalation point for Windows, AD, Azure Security Issues
• Support for regional and global IT projects
• Coordinate with Platform Security Engineering SME
The Senior Security Administrator role is to function as a Senior Support and escalation and configuration for Windows & Active Directory. This includes consultation and technical support for projects and ITSM tickets. As part of their SME function, they will work with project teams, other technology groups and other lines of business to consult on projects. The Security Admin is expected to learn, understand and ensure compliance with all Honda regional and global IT policies.
Knowledge, skills, abilities, traits, certifications, years of experience, to successfully perform job function
• Bachelor's degree in Information Systems, Computer Science, Engineering or a related technical discipline, or the equivalent combination of education, technical training, or work/military experience.
• Knowledgeable on Security and Control Frameworks, such as ISO 27002, NIST, COBIT, COSO and ITIL;
• 10 years as an Information Security and/or Windows Systems Administrator
• 8+ years of directly related experience supporting Active Directory operations and engineering with increasing responsibility.
• 5+ years of combined IT and Security work experience with a broad range of exposure to systems analysis, applications development, database design and administration.
• Must possess proven experience working with a large enterprise distributed computing environment. These experiences should include:
o Directory Services Infrastructure architect/design/support in a Multi-domain forest
o Strong understanding of architecting and configuring Microsoft Windows OS technology including AD Forests, Domains, Trusts, DNS, DHCP, Group Policy and Organizational Units.
o Radius Server support, including Microsoft Network Policy Server
o Manage Azure AD permissions and Trust relationships, Manage Forest/Domain/OU/User Object management
• Ability to deal with threat and intermediate level incidents
• Ability to deal with intrusions at a moderate threat level
• Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management
• Ability to work with stakeholders and other technical teams to collect business and technical requirements and design / deliver enterprise level solutions.
| |
