Security Systems Administrator

Job Description

Responsibilities

The Security Systems Administrator role is responsible for all aspects of GolfNow operations services infrastructure. Including: security, provisioning systems, providing day-to-day support, proactive maintenance, and system troubleshooting. This position will require 24x7 support availability. Attention to detail and creativity is required for this role.

The Security Systems Administrator will work directly with the Technology Governance manager to lead GolfNow's compliance program. This includes conducting technical assessments leveraging PCI, HITRUST, CSF, and HIPAA.

Job Duties
• Security
• Contribute in developing and executing a comprehensive PCI DSS technical assessment program by reviewing, evaluating, and testing security policies, related technologies, systems, applications, and processes to assess security controls and their effectiveness in meeting PCI DSS Compliance.
• Examine records, reports, operating practices, documentation, and log files by generating audit reports to ensure the confidentiality, integrity, and availability of information resources.
• Reviews may include administrative, physical, or technical controls are adequately implemented.
• Partner and collaborate with internal teams to facilitate discussion of identified findings by preparing final report based on audit tests.
• Assist internal and/or external auditors as necessary in their audits and/or special projects
• Provisioning
• Install new/rebuild existing servers and configure hardware, peripherals, services, settings, and security controls within standards and operational requirements.
• Develop and maintain installation and configuration procedures.
• Operations Support
• Perform ongoing performance tuning, hardware upgrades, and resource optimization as required.
• Assist in implementation and documentation of Datacenter Services Infrastructure.

Maintenance
• Respond to service interruptions as they occur.
• Identify capacity and performance issues to ensure uninterrupted service.
• Test and evaluate systems

Qualifications/Requirements
Basic Qualifications
• 4+ years' experience in a corporate IT environment.
• Working knowledge of any of the following frameworks: PCI DSS, NIST 800-53, ISO 27001, HITRUST
• Experience developing threat models
• Subject Matter Expertise in one or more of the following areas:
Software design and architecture
Windows/Linux operating systems
Network devices and protocols, construction of data flow diagrams
• Inter-process communication, data flow diagrams, entity relationship diagrams
• OWASP Top 10, SANS 25, CWE, CAPEC 1000
• Intellectual capability and curiosity to learn complex processes.
• Strategic thinking and decision-making
• Ability to balance multiple demands in a fast-paced growing environment
• A dedicated and self-driven desire to think creatively and produce results
• Ability to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors
• Knowledge of defensive security tools and platforms such as WAF, IDS/IPS, SIEM, and EDR
• An ability to articulate security related themes and principles into business terms

Additional Job Requirements
(note job #: )
• Must be willing to work in Orlando, FL

Desired Characteristics

Desired Qualifications
• Experience evaluating and reporting on compliance, gaps, and remediation against Payment
• Card Industry Data Security Standard (PCI-DSS)
• Knowledge of infrastructure security assessments against known hardening standards from CIS or NIST
• Ability to multi-task and work across multiple teams in global locations.
• Knowledge of deploying or identifying security solutions in support of PCI DSS compliance such as:
• Vulnerability Scanning
• Patching
• SIEM
• FIM
• Familiarity with cloud-based architecture and systems such as GCP and AWS.
• Strong sense of urgency and commitment, as well as sound business sense with a strategic, conceptual, and operational orientation.
• Training in Cyber Security specific disciplines.
• Ability to communicate effectively to business and technical teams.
• Experience in global environments spanning multiple time zones.
• Demonstrated knowledge of International Information Security and Privacy regulations, laws, and policies

Jobcode: Reference SBJ-g6k96j-3-17-28-48-42 in your application.