IT Security Operations Administrator II
|Here at Discount Tire, we celebrate the spirit of our people with extraordinary pride and enthusiasm. Our business has been growing for more than 60years and now is the best time in our history to join us. We are opening more locations every year and we are always looking for qualified individuals to join us in our growth. We are a company that promotes from within, both in our retail and corporate operations. Administers security applications and systems. Delivers accurate documentation in support of the organization’s PCI and other security framework requirements to ensure information security compliance. Collaborates across the IT, Risk, & Legal business segments on various security and compliance driven activities.
Essential Duties and Responsibilities:
- Administer the annual PCI audit through collaboration with stakeholders; including but not limited to meeting facilitation, reporting, evidence collection/tracking, and development of responses.
- Administer the PCI compliance portal
- Analyze security vulnerability scan results; prioritizes vulnerabilities; and collaborates with IT partners to mitigate risks to an acceptable level.
- Assist the information governance team in the formation and execution of information management framework, policy, and standards for data loss prevention, privacy, data classification, and retention of digital information.
- Recommend, implement(as appropriate), and audit/validate on-going compliance/governance policies in support of information in new and existing technology such as Microsoft O365.
- Implement information security best practices which align with industry standards in support of the IT business segment strategy.
- Collaborate with the Security Operations Center (SOC) to provide support/assistance; assists with creation of repeatable process documentation.
- Ensure adherence to IT security and enterprise governance standards, processes and controls.
- Increase end user security awareness by participating in the delivery of information security best practices and threat remediation.
- Participate as a member of the Incident Response Team (IRT); focus on security event response, forensic investigations and incident recovery.
- Assist employees, vendors or other customers by answering questions related to security governance policies, processes and procedures.
- Stays current on the latest security and IT industry technologies, trends and strategies.
- Completes work in a timely and accurate manner while providing exceptional customer service.
- Other duties as assigned.
- This position requires a minimum of 3 years information security experience with progressive complexity and responsibility.
- A minimum of 3 years’ experience with information security and compliance, software development life cycle (SDLC),change management required.
- Corporate retail experience is preferred.
- Demonstrated knowledge of PCI standards is also preferred.
- Proven knowledge of information security tools, including, but not limited to, intrusion prevention, vulnerability scanning, syslog, firewall policies, reverse proxy and authentication (F5 Web Application Firewall, digital Hands AWS Logging/Alerting; Splunk Security Incident & Event Management, Firepower Intrusion Detection System, Password Vault, Tenable/Nessus Vulnerability Scanner; O365 Security & Compliance Center) is necessary.
- Demonstrated ability to analyze process workflows and identify security gaps and bottlenecks is required.
- Experience in identifying issues, performing root cause analysis, identifying relevant business risks is desired.
- Demonstrated critical thinking a plus.
- Ability to communicate across all levels of the organization, present complex ideas concisely and clearly articulate technical ideas to a non-technical audience both verbally and in writing is necessary.
- Demonstrated ability to work efficiently under pressure, accurately meet deadlines, present a professional demeanor and work well independently is essential. In addition, troubleshooting and organizational skills with a can-do attitude and the ability to adjust to changing requirements are essential.
- Maintaining confidentiality, treating others with respect and upholding Company values is key.
- This position requires an associate or bachelor’s degree in Computer Science, Business, Criminal Law or related field or equivalent experience.
- Security certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), CompTIA Security+,or Systems Security Certified Practitioner (SSCP) highly desired.
- Microsoft security or administrator certifications a plus.
Normal work days are Monday through Friday. Occasional Saturdays and Sundays may be necessary.
Normal work hours are 8:00 a.m. to 5:00p.m. Additional hours may be necessary.
Please apply online or email your resume as an attached word document to Grant.Wills@discounttire.com. Thank you.