Information Security Lead Job Description
Information security lead
provides information Systems Security Engineering support and technical execution of information security activities associated with the Assessment and Authorization (A&A) of NIST Risk Management Framework (RMF) on multiple information systems.
Information Security Lead Duties & Responsibilities
To write an effective information security lead job description, begin by listing detailed duties, responsibilities and expectations. We have included information security lead job description templates that you can modify and use.
Sample responsibilities for this position include:
The ability to engage with and present to internal senior colleagues & stakeholders to articulate security position and reasoning
Incident Monitoring and Response
Review, tuning and development of SIEM technology system and alerts
Assist with enterprise vulnerability management system
Incident response, escalation and management
Information Security guidance and leadership to junior members of the CSIRT other parts of the business
Improve enterprise capability to perform forensics on systems without the need to interrupt the employee’s work
Participate in endpoint forensic investigations using industry leading tools such as EnCase and FTK
Perform periodic risk analysis, vulnerability scanning and testing
Work closely with IT and Business teams to identify security vulnerabilities, follow-up on outstanding findings, document new or updated technology infrastructure elements
Information Security Lead Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Information Security Lead
List any licenses or certifications required by the position: CISSP, CISM, CISA, IAM, CCNA, GSLC, CASP, III, IAT, ISO
Education for Information Security Lead
Typically a job would require a certain level of education.
Employers hiring for the information security lead job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Information Security, Engineering, Education, Information Technology, Information Systems, Technical, Technology, Business, Computer Engineering
Skills for Information Security Lead
Desired skills for information security lead include:
Loyalty programmes
Policy formation
Risk assessment procedures
Role-based authorization methodologies
Security attack pathologies
Firewalls
Industry and regulatory trends and developments for the enterprise technology
Information security controls
Intrusion detection
NIST
Desired experience for information security lead includes:
Vulnerability Management Systems
Scripting skills ( Java, Perl, Ruby, Python)
System Security (OS Hardening)
Possess a bachelor's degree in Computer Science, Information Systems / Security or related work experience (5+ years), and able to keep current with relevant technological change and information security best practices
BS degree or greater
BS degree or better in a technical curriculum
Information Security Lead Examples
1
Information Security Lead Job Description
Job Description Example
Our company is growing rapidly and is looking for an information security lead. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for information security lead
- Act as the EIS representative to Firmwide Remediation Programs
- Apply all six steps of the RMF life-cycle from categorization to security control monitoring for CYBERSAFE, DIACAP and DIARMF support to systems currently accredited in the NAVFAC systems of record (SOR)
- Provide reports of the findings for existing systems that are used to measure performance against service level agreements (SLAs)
- Supervise a staff of certified IA/Cyber Security professionals
- Establish applicable IA engineering and configuration control plans, policies, and procedures for the execution of network activities
- Analyze IA requirements and implementation of required policies, directives, and guidance for certification and accreditation (C&A)
- Analyze and develop strategies for administration of networks consistent with IA/Cyber requirements
- Incorporate OPSEC guidance/strategy related to IA/Cyber and Engineering Tasks
- Support, implement, report and administer the Enterprise-Level and Program Security Plans
- Provide technical documents in support of networks and IA/Cyber efforts
Qualifications for information security lead
- Ability to perform analysis of log files from a variety of sources within the Network Environment or DMZ (including host logs, network traffic logs, firewall logs and IDS system logs)
- Bachelor's degree in Computer Science, Statistics, Mathematics, Technology, or Related Fields
- Strong program management background
- Background in IT Security & Risk Management
- Product specific certifications such as MCSE, CCNA security
- Very good knowledge of TCP/IP protocol
2
Information Security Lead Job Description
Job Description Example
Our company is hiring for an information security lead. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for information security lead
- Ensure the security requirements are met, including defining the security mode, protocols and standards
- Ensure security policies, practices, and procedures are implemented
- Develop and maintain System Security Plans (SSPs)
- Assist developers by reviewing system changes for adverse security impact
- Apply continuous monitoring techniques to evaluate the systems security posture
- Evaluate vulnerabilities to ascertain if additional safeguards are needed
- Endpoint security controls, and their use cases
- Assists in effective Data monitoring and Data Loss Prevention procedures
- Investigate cyber incidents using Alienvault USM SIEM, packet captures, reports, data visualization, and pattern analysis tools
- Responds to cyber incidents by collecting, analyzing and preserving digital evidence to assist with the Incident Response team in remediation of critical information security incidents
Qualifications for information security lead
- Experience with vulnerability scanners and web application testing tools such as Nessus, Nmap, NEXPOSE, Metasploit, Wireshark, IBM AppScan
- Bachelor’s degree or equivalent program in Computer Science, Computer Engineering, Electrical Engineering, Network Security, Information Security, Information Technology
- Have worked in an environment that had IPS enabled (Blocking Mode)
- Strong foundation in information security and IT management frameworks and standards, such as ISO27000 series, COBiT, ITIL, SANS20, PCI-DSS
- Must possess or be willing to obtain a DoD 8570 – IAM III professional certification
- DOD 8570.01 Certified at IAT Level II
3
Information Security Lead Job Description
Job Description Example
Our innovative and growing company is hiring for an information security lead. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for information security lead
- Apply knowledge gained from cyber-intel sources, Information Security community and training to continuously improve what we do and how we do it
- Participate in the development of a strategic 3 year roadmap of both technical capabilities threat projections
- Establish personal and team talent development expectations aligned with both technical skills development leadership development
- Review, analyze, help staff, and track data search requests
- Assist customers and respond to requests for information in a timely manner
- Provide subject matter expertise for operational network security
- Provide subject matter expertise for the Cybersecurity of IT infrastructure components
- Maintain a continuity folder of documentation pertaining to systems and technologies relevant to Cybersecurity in order to facilitate training and policy development
- Conduct and evaluate Cybersecurity compliance checks, document findings, and track issues through resolution
- Assessment and Authorization
Qualifications for information security lead
- Must hold an active Top Secret and current SCI Security Clearance
- Degree in information security, information management, computer science / systems, business engineering or similar
- Above 5 years of experience in working in a non-native country and culture
- 15+ years of experience with IT Infrastructure and Application processes and solutions with regard to Information Security Architecture
- Strong analytical skills and a deep understanding of the overall context
- Experience in project planning and execution economic aspects of system management and life cycle
4
Information Security Lead Job Description
Job Description Example
Our growing company is looking for an information security lead. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for information security lead
- Review, analyze and monitor security system reports and logs for suspicious activities, trends and patterns
- Work with Information Technology to mature the patch management lifecycle based on vulnerability management SLAs
- Deploy and maintain web application, source code and penetration assessment tools
- Deploy and maintain runtime application self-protection (RASP) tool
- Research, evaluate, implement and manage security tools
- Regularly re-evaluate processes and procedures to drive continuous improvement and innovation
- Provide recommendations for correct approach and strategy where security gaps exist or inadequate tools or processes are found, all within a reasonable balance between security, cost and productivity
- Working knowledge of SAP security administration procedures
- Provisions SAP access to end users following SAP security policies and procedures
- Complete risk assessments of various types (e.g.., systems, suppliers, ) and manage the remediation of any identified issues
Qualifications for information security lead
- SIEM implementation, tuning and management
- Bachelor's degree in Information Assurance, Cyber Security, Incident Response, Security Management, or discipline directly related to Cyber Security or five (5) years specialized experience and a minimum of 7 years of job-related experience
- Professional information security certification
- On-call, after hours support may be required
- 10+ years of SAP/GRC Implementation and configuration experience in the areas of Access Control suite
- CISSP, CISM, GIAC, Security+ or other relevant security certifications are a plus
5
Information Security Lead Job Description
Job Description Example
Our innovative and growing company is looking to fill the role of information security lead. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for information security lead
- Participates in seminars and symposiums related to federal and state rules and regulations relating to Security and Confidentiality, assuring that appropriate changes are incorporated into the Security and Confidentiality Policies and Procedures for the Project
- Maintains up to date knowledge of best practices related to Security and Confidentiality, assuring that Project Policies and Procedures are updated to incorporate appropriate practices
- Provide thought leadership and future direction for directory and Virtual Directory technologies
- Design, engineer, and manage Radiant Logic VDS in a complex Identity environment
- Design infrastructure and software supporting the VDS system for secure operation, high performance, and high availability
- Design, manage, and support Identity and Access Management solutions within the corporate and customer facing environment
- Creating and maintaining the Disaster Recovery documents related to the VDS system
- Collaborate with other IT disciplines including the networking engineering, storage, monitoring, and platform support teams to provide resolution of service issues
- Maintain operational documentation, configuration information and other procedures
- Assist in monitoring the configuration, deployment, and integration of enterprise network technologies such as access control, routers, switches, load balancers, firewall, logging, and WIFI
Qualifications for information security lead
- Must be able to use Microsoft Office software & products
- Have held a senior level position within a Governance and Compliance role
- As a Scrum Master you will lead the team and be responsible for leading the agile transformation at the team level and for the successful execution of teams to support the delivery of strategic technology products
- You will provide leadership, direction, and coaching to the teams to encourage adoption of agile principles and practices, avoiding anti-patterns, and will empower the team to become self-directed and self-managing
- You will be responsible for forecasting and planning resource requirements
- You will be responsible to come up with Release planning, Sprint planning, backlog creation & grooming, Sprint kickoff, sprint review and retrospectives