Information Security Specialist

HNTB Corporation•Kansas City, MO

About The Position

At HNTB, you can create a career that is meaningful to you while building communities that matter to all of us. For more than a century, we have been delivering solutions for some of the largest, most complex infrastructure projects across the country. With our historic growth, it is an exciting time to join our team of employee-owners. This opportunity entails being responsible for monitoring, analyzing, and maintaining systems and procedures to safeguard internal systems, network and databases. This position facilitates ongoing security audits and disaster recovery tests and recommends changes to enhance systems security and prevent unauthorized access, as appropriate.

Requirements

Associate’s Degree in Computer Science or related degree and 4 years of relevant experience, or In lieu of education, 6 years of relevant experience; information security, information technology operations
Possesses foundational knowledge of the core components related to information security, such as end-point protection software and associated applications (firewall, anti-virus, anti-malware, etc).
Combines this understanding with intermediate knowledge of applications, networks and/or systems to identify ways to enhance security.
Ability to identify anomalies through ongoing monitoring of logs and data gathered from vulnerability scanning tools or Security Information and Event Management System (SIEM).
Resourceful and able to leverage multiple sources of data to develop a narrative surrounding technology usage and potential vulnerabilities.

Nice To Haves

CompTIA Security+ certifications or licenses preferred.
Involvement with vendor risk assessments.
Experience with security policy and standards creation, interpretation and maintenance.
Demonstrated knowledge of applying system security principles, policies and regulations.
Experience working with ServiceNow ITSM.

Responsibilities

Documents security incidents reported through our security tools or by the service desk.
Escalates security issues as necessary to leadership team.
Compiles collateral, data, and stakeholders to facilitate annual security audits.
Assists with quarterly access review of all in scope applications.
Acts as the liaison with appropriate business leaders to ensure application security.
Reviews application architecture configurations to ensure security best practices are being used.
Facilitates annual disaster recovery tests and ensures all applications have an up-to-date DR plan.
Coordinates with stakeholders to update or implement new disaster recovery plans as necessary.
Assists cross-functional IT teams when new applications are introduced to ensure compliance with IT security standards.
Performs other duties as assigned.