Sr. Systems Administrator-IT Security & Risk Management
POST DATE 9/7/2016
END DATE 10/28/2016
JOB DESCRIPTION
About Us
Welcome to Ardent Mills, a new company dedicated to helping our customers innovate and grow, with the industry's broadest range of traditional and organic flours, whole grains, customized blends and specialty products. Our ingredients are backed by unrivaled technical support, food safety solutions and the supply assurance of a coast-to-coast network of more than 40 community mills and blending facilities, an artisan commercial bakery and a Mobile Innovation Center. We are Ardent Mills, working with you for the good of grain. And we're looking for dynamic people to join our team.
This position is responsible for administering and supporting information technology security components and for managing and mitigating risks, working closely with the Azure Cloud Infrastructure team, the network management team and other teams in the IT function. Key responsibilities of this position include:
* Day to day support, monitoring and maintenance of enterprise network security systems, review of performance parameters of infrastructure components including Switches, Routers, Firewall, and IPS security logs
* Administering and configuring Cisco network devices, Palo Alto firewall, network-based firewall in the cloud, various IPS/IDS devices, and tools and technologies such as Splunk
* Maintaining and documenting security policies, identifying security processes that need to be improved, escalating infrastructure security opportunities to IT leadership
* Owning technology strategy and roadmaps of the security areas around network and infrastructure core services including IT vendor services as appropriate
* Identifying and adopting new, emerging technologies that can be successfully integrated into existing infrastructure, processes and personnel makeup.
* Conducting audits at regular intervals to ensure compliance with the company's policy and NIST standards, both within the company and with relevant IT vendor partners
* Providing Continual Service Improvement efforts by optimizing performance, stability and capacity for the network and services at remote plants and offices in US or Canada locations
* Identifying and managing security risks, guiding end users, IT vendor partners and IT associates on risk mitigation plans
This role will provide exposure to a variety of unique issues and challenges and will provide opportunities to work closely with senior leaders in the company. The incumbent must demonstrate strong communication skills and should have the ability to focus on key objectives, analyze situations, and recommend the most constructive solution that supports business objectives. Some limited travel may be required in this role.
Responsible for Install, Configuration, Management and Support of IT security components
* Provide expertise regarding implementation, administration, and maintenance of Splunk, Firewalls, Cisco ISE, IPS and Devices.
* Configure Security Devices, Routers, Nexus 7K and Switches to prevent any internal or external attack to network or applications.
* Perform and review Firewall policies, Cisco ISE authentication, workflow and system settings following established change process
* Follow the vendor's best practice and keep the operating system of security devices current as recommended by the vendor.
* Recommend and implement hardware OS update for Edge routers or Switches
* Provide advice and recommend network equipment for new network installation in HQ, plants, offices or Technology refresh for an existing facility.
* Respond to escalations from network or Infrastructure team to provide technical expertise by coordination with IT teams and with external vendor support
* Configure and tune Splunk to avoid false positive alerts
* Actively participate in a rotational network infrastructure on call schedule and support resolution of helpdesk tickets assigned to the security area in a timely manner to meet business requirements.
* Create Access List, Policies or Rules into Security Devices to protect and monitor network and applications.
Analyze security device logging information and take action to remediate an ongoing issue or prevent an external attack.
* Demonstrate expertise in reading Security device log information.
* Familiar with TCP and UDP traffic flow and port use.
* Familiar with the Wireshark protocol analyzer
* Help integrate logs and perform analysis that pertains to Advanced Threat Protection
* Assist in the development of Monitoring System alerts and IPS alerts to maximize information value from each system
* Work closely with network teams to review high-level architecture goals and define a workable plan for accomplishing design goals
* Maximize the capabilities of deployed tools and technologies to ensure protection of the company's IT assets
* Keep Network Security documentation up to date.
Conduct vulnerability assessments to mitigate external and internal risks
* Design assessment methods and processes
* Work with external vendors to conduct vulnerability assessments of the network
* Conduct Network Forensics to mitigate or prevent an external attack
Participate as a team member and/or lead on assigned projects
* Expert consultation to key business customers and members of the plant engineering team and enterprise security team and infrastructure team
* Provide detailed tasks, time estimates, and resource recommendations to the Project Lead for assigned projects
* Assist in IT projects as necessary
* Contribute to building and maintaining the IT security infrastructure, monitor and suggest improvements to all areas of IT security
* Demonstrated ability to cross-train other members of the team in network security solutions
Identify process improvements and develop process documentation
* Help develop and enforce strict governance of the Company's Security policies
* Assist cloud administrators and other network analysts in the identification and implementation of appropriate IT security measures
* Ensure process is shared with and implemented by network or Infrastructure teams
* Work across teams and with vendors to identify and resolve complex security issues
* Participate in updating business continuity plans and disaster recovery documentation and drills
Skills & Experience
* Broad knowledge of Infrastructure domains such as Servers (Linux, Windows), VMware, Citrix, Storage (NAS/SAN), Network (WAN/LAN) and Cloud Infrastructure
* Advanced understanding of the functioning of firewalls, IPS, Cisco ISE, and proxy solutions in a complex multisite environment
* Demonstrated knowledge of:
* Cisco ASA, Splunk, Network based firewall and Palo Alto Firewall installation and management
* Layer 2/3 switching and Layer 2/3 routing protocols.
* Palo Alto IPS and Web Filter functionality
* Networking and system administration experience
* Network security design implementation
* Syslog Functionality
* Assessment, evaluation, design, implementation of solutions related to following security areas: Large corporate firewall extranets, mail, and internet in a cloud infrastructure.
* Understanding of Microsoft SQL Database construction and database monitoring
* Familiar with identity management techniques and their deployment
* Ability to troubleshoot technical issues with customers and systematically resolve complex networking and application issues
* Demonstrated knowledge of VPN and remote access protocols
* Demonstrated ability to work within an agile project management framework
* Demonstrated ability to effectively collaborate with multiple teams in meeting objectives
* Excellent written and verbal skills
* Ability to work with remote users and analysts with varying levels of skill sets
* Ability to work with senior leadership team in specialized situations
* Ability to prioritize