IT Security Specialist
Glen Allen, Virginia, United States
TriMech Company
TriMech is your complete engineering resource, we specialize in providing SOLIDWORKS, 3DEXPERIENCE, 3D Printers, FEA tools and more. We supply software, hardware, services, to support every stage of product development, from initial sketch to...DUTIES & RESPONSIBILITIES:
- Monitoring and Administering Security Technologies:
- Administer and support firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM systems, and endpoint protection technologies, such as Microsoft Defender for Endpoint, with a focus on security hardening and advanced threat detection.
- Utilize Microsoft GCC, Intune Security Configurations, and AWS GovCloud environments to maintain secure infrastructure, ensuring compliance and robust protection against threats.
- Administer and support identity and access configurations within Intune and the GCC tenant, ensuring that all identity-related processes align with security and compliance standards.
Compliance Management & Ongoing Compliance Maintenance:
- Ensure relevant business units comply with frameworks such as CMMC, GDPR, ISO 27001, NIST 800-171, and ITAR.
- Assist with ongoing compliance maintenance, continually reviewing and updating policies and processes to ensure TriMech stays in alignment with evolving regulatory standards and best practices.
- Administer and document all compliance efforts, ensuring complete audit trails and streamlined reporting for internal and external audits as directed by the Global Manager of IT Security and Compliance.
- Serve as the Federal Contract Information (FCI) representative for the North America (NAM) compliance efforts, overseeing all handling and security of government data and ensuring adherence to U.S. federal regulations.
- Implement and maintain data security processes, including asset and data destruction.
Vulnerability Management & Incident Response:
- Assist with vulnerability management programs, conducting regular assessments, deploying patches, and mitigating identified risks.
- Review SIEM logs regularly to identify security events and potential incidents, ensuring that all anomalies are addressed quickly.
- Assist with incident response, coordinating with relevant teams to mitigate security threats and ensuring thorough post-incident reviews.
Identity and Access Management:
- Administer identity and access management solutions, ensuring secure role-based access and enforcing least-privilege principles across the organization.
- Continuously monitor and update access controls to align with industry best practices and internal security policies.
Documentation & Evidence Collection:
- Maintain up-to-date documentation of policies, procedures, and training manuals, ensuring all processes are aligned with industry standards and compliance requirements.
- Gather and maintain evidence for audits and compliance assessments using, ensuring accurate and complete audit trails.
Cybersecurity Awareness & Training:
- Assist the Global Manager of IT Security with cybersecurity awareness training for new hires and current employees, focusing on IT security best practices and compliance requirements.
- Participate in the development ongoing educational programs to ensure employees stay informed on evolving security threats and regulations.
Security Audits & Industry Engagement:
- Work closely with external auditors and consultants during internal and external audits, ensuring compliance with regulatory requirements and security best practices.
- Collaborate with external auditors and consultants to continuously improve TriMech’s security posture, identifying areas for enhancement and implementing solutions, with the direction of the Global Manager of IT Security and Compliance.
- Attend and participate in security conferences, auditing events, and security tech events to stay informed about emerging security threats and cutting-edge technologies.
Collaboration & Assistance:
- Assist the Global Manager, IT Security and Compliance, in executing security initiatives and ensuring compliance efforts are on track.
- Occasionally collaborate with the DoD Director regarding NAM compliance and specific compliance-related projects.
- Work with the rest of the internal IT and Systems teams, supporting the ongoing IT Security events and tickets.
Additional Duties Performed Outside Formal Job Role:
Helpdesk Ticket Management:
- Provided helpdesk support, addressing a variety of technical issues related to software, hardware, and security.
- Assisted employees with troubleshooting, escalating issues when necessary, and ensuring timely resolutions to minimize downtime.
- Continued to assist with IT system administration tasks, including software updates, system configurations, and hardware maintenance and tickets when possible. Working with the IT team to support day-to-day operations.
Skills & Experiences
- 2-5 years' experience
- CompTIA Security+ certifications
- Working knowledge of PowerShell scripting and tooling.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits AWS CMMC Compliance CompTIA DoD Firewalls GDPR IAM IDS Incident response Intrusion detection IPS ISO 27001 Monitoring NIST PowerShell Scripting SIEM Threat detection Vulnerability management
Perks/benefits: Conferences Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.