Omni Inclusive
IT Security Engineer/ specialist
Omni Inclusive, Chattanooga, Tennessee, United States, 37450
Role responsibilitiesThe Junior Information Security Specialist will perform any of the following activities depending on business
needs:• Coordinate and perform ISO 27000 process management functions and control testing reporting and
activities in accordance with regulatory and departmental policy and procedures.• Update and maintain control matrices and spreadsheets, and providing recommendations for
Information Security Management System.• Assist in operational and security-related control and risk assessments to ensure compliance to
regulatory and statutory requirements, as well as industry specific guidelines, such as PCI DSS, ISO 27000, COBIT and ITIL• Develop and document security policies and procedures, training and awareness• Assist and contribute to IT Security Governance meetings and activities• Ensure business and technical requirements are aligned, security policies and are implemented within
an allowed period to meet compliance.• Develop operational reports and presentations using Excel and Power Point• Collection and consolidation of evidences to address compliance findings• Define indicators of performance and quality metrics and ensure compliance with data related policies,
standards, roles and responsibilities, and adoption requirements• Manage and implement configuration changes, monitoring, software updates for client IT Security
Infrastructure.• Analyze, troubleshoot, and remediate issues with various IT security devices.• Work closely with other IT teams to ensure the availability and security of the client's enterprise.• Deliver security solutions supporting the office and production connected systems.• Auditing deployed solutions, providing recommendations, and ensuring security policies and regulations
are followed and adhered to for all implemented systems• Plan, deploy, harden, maintain, troubleshoot, operate and manage network security solutions such as:
Palo Alto, or similar capability, next-generation firewalls (NGFW), Intrusion Detection and Prevention
Systems (IDS/IPS), Cloud based security web gateways, Firewall management tools (e.g. FireMon,
AlgoSec, Tufin), data loss prevention tools,,ICS and OT system security requirements, honeypots and network sensors.• Documentation of logical and physical architecture• Follow all the ITIL processes (incident, problem, change) for all items impacting plant operations.• Create Application and Hardware (System) Lifecycle Plans• Work with the ITP management to ensure that a multiyear lifecycle plan is created to support from 1st
to 3rd level support including milestones for all known firmware/software versions or functional upgrades
and sunset and successor systems.• Assess and Manage System Requirements and Production program fulfillment• Work with the ITP department to determine, the current level of performance expected and risk with
current process and systems. Create with the business area requirements plans for continuous
improvement of the process and systems throughout the plant.• Identify Automated Solutions which support business process maturity or improvement• Define maintenance plans for firmware/software upgrades
Required Desired:
Experience in Information Security Management
Frameworks such as ISO 27000, PCI DSS, HIPA,
NERC CIP etc.
CISSP, CRISC, CISN, CISA, and/or GIAC; or
comparable certification
Network Intrusion Prevention
Advanced Understanding of IP networks
Firewall Design/Implementation/Maintenance
Network Architecture and Design
Configuration management
System Hardening (Windows, SQL, UNIX, LINUX,
NETWORK)
Work flexibility (travel requirements, work schedule, etc.)
Work Hour flexibility required based on Production Schedule
Day to Day working relationship with the IT and Production community.
Day to Day working relationship with key business units and technology users.
needs:• Coordinate and perform ISO 27000 process management functions and control testing reporting and
activities in accordance with regulatory and departmental policy and procedures.• Update and maintain control matrices and spreadsheets, and providing recommendations for
Information Security Management System.• Assist in operational and security-related control and risk assessments to ensure compliance to
regulatory and statutory requirements, as well as industry specific guidelines, such as PCI DSS, ISO 27000, COBIT and ITIL• Develop and document security policies and procedures, training and awareness• Assist and contribute to IT Security Governance meetings and activities• Ensure business and technical requirements are aligned, security policies and are implemented within
an allowed period to meet compliance.• Develop operational reports and presentations using Excel and Power Point• Collection and consolidation of evidences to address compliance findings• Define indicators of performance and quality metrics and ensure compliance with data related policies,
standards, roles and responsibilities, and adoption requirements• Manage and implement configuration changes, monitoring, software updates for client IT Security
Infrastructure.• Analyze, troubleshoot, and remediate issues with various IT security devices.• Work closely with other IT teams to ensure the availability and security of the client's enterprise.• Deliver security solutions supporting the office and production connected systems.• Auditing deployed solutions, providing recommendations, and ensuring security policies and regulations
are followed and adhered to for all implemented systems• Plan, deploy, harden, maintain, troubleshoot, operate and manage network security solutions such as:
Palo Alto, or similar capability, next-generation firewalls (NGFW), Intrusion Detection and Prevention
Systems (IDS/IPS), Cloud based security web gateways, Firewall management tools (e.g. FireMon,
AlgoSec, Tufin), data loss prevention tools,,ICS and OT system security requirements, honeypots and network sensors.• Documentation of logical and physical architecture• Follow all the ITIL processes (incident, problem, change) for all items impacting plant operations.• Create Application and Hardware (System) Lifecycle Plans• Work with the ITP management to ensure that a multiyear lifecycle plan is created to support from 1st
to 3rd level support including milestones for all known firmware/software versions or functional upgrades
and sunset and successor systems.• Assess and Manage System Requirements and Production program fulfillment• Work with the ITP department to determine, the current level of performance expected and risk with
current process and systems. Create with the business area requirements plans for continuous
improvement of the process and systems throughout the plant.• Identify Automated Solutions which support business process maturity or improvement• Define maintenance plans for firmware/software upgrades
Required Desired:
Experience in Information Security Management
Frameworks such as ISO 27000, PCI DSS, HIPA,
NERC CIP etc.
CISSP, CRISC, CISN, CISA, and/or GIAC; or
comparable certification
Network Intrusion Prevention
Advanced Understanding of IP networks
Firewall Design/Implementation/Maintenance
Network Architecture and Design
Configuration management
System Hardening (Windows, SQL, UNIX, LINUX,
NETWORK)
Work flexibility (travel requirements, work schedule, etc.)
Work Hour flexibility required based on Production Schedule
Day to Day working relationship with the IT and Production community.
Day to Day working relationship with key business units and technology users.