Would you like to build a career with a company who stresses the importance of solid relationships and presents a challenging work load? NISC is ranked in ComputerWorld’s Best Places to Work survey for fifteen consecutive years and we are looking for a qualified individual to join our Information Security team.
The Information Security Specialist position is a role that requires a combination of technical expertise and critical thinking with a focus on project management. You will primarily work on advancing NISC’s information security initiatives by managing and deploying various information security products, maintaining a set of critical security controls, and supporting NISC’s information security policies and procedures.
Monitor the integrity of NISC’s data and network infrastructure, including but not limited to data security, vulnerability management, incident response, and access controls
Monitor internal and external security vulnerabilities on NISC’s systems and route issues to system owners for remediation
Work with NISC’s security operations center partner to identify and respond to possible indicators of compromise on NISC’s network
Conduct controlled attempts to discover remotely exploitable security vulnerabilities via MetaSploit Pro
Conduct simulated phishing tests to educate NISC employees on how to identify and protect themselves from malicious phishing attacks
Assist in responding to events that trigger NISC’s formal information security incident response plan
Assist in maintaining a system of critical security controls, including but not limited to
Maintaining an inventory of authorized and unauthorized hardware
Maintaining an inventory of authorized and unauthorized software
Maintaining a list of secure hardware and software configurations
Maintaining a process for controlling the use of administrative privileges
Support NISC’s annual internal PCI audit and maintain current knowledge of PCI rules and requirements
Support NISC’s annual Critical Security Controls engagement and serve as a project manager when following up on deliverables and recommendations from each annual engagement
Coordinate and execute information security initiatives identified by NISC’s information security task force
Support NISC’s annual SOC audit and maintain current knowledge of SOC controls
Serve as a resource for NISC’s application security program, including monitoring the results of application security scans and routing the issues to NISC’s RDQ division for remediation
Serve as a frontline resource to other employees regarding information security
Maintain current knowledge of NISC’s information security policies and procedures
Assist in the administration of NISC’s physical security program
Bachelor’s degree in information technology or related field, or equivalent IT experience
1 to 3 years of information security, network security, computer science, or information technology experience
Working knowledge of IT-related security threats and best practice safeguards
Working knowledge of industry metrics and resources, including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS), and the National Vulnerability Database (NVD)
Familiarity with vulnerability management and patch management processes
Familiarity with common information security frameworks, such as NIST 800-53, ISO, and/or CIS Critical Security Controls
Knowledge of server operating systems, including both Microsoft Windows servers and SuSE Linux
Knowledge of desktop operating systems, including Microsoft platforms, MacOS, & Linux variants
An understanding of networking fundamentals such as firewall/network segmentations, firewall ACLs, security groups, and network topology
Experience with Metasploit framework, vulnerability management solutions, and industry MDR solutions a plus
The information security profession changes every day. This position requires a candidate who is able to learn new information, adapt to unexpected results, and combine a technical background with a critical-thinking skillset to find solutions to problems that do not always have a clear-cut answer.
Strong verbal and written interpersonal and communication skills
Strong research and problem-solving skills
Strong presentation and training skills
Ability to perform in-depth and on-going research
Ability to serve in a project management role
Ability to work independently, as well as in a team environment
Ability to maintain the highest level of professionalism, ethical behavior, and confidentiality
Commitment to NISC’s Statement of Shared Values
Minimum Physical Requirements:
Employees should be able to see, speak, and hear, and to operate computer keyboards or office equipment. The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Management may modify this job description by assigning or reassigning duties and responsibilities at any time.
Additional Salary Information: Depends on experience.
Internal Number: 19-179
About National Information Solutions Cooperative
National Information Solutions Cooperative (NISC) is an information technology company that develops and supports software and hardware solutions for our Member-Owners who are primarily utility cooperatives and telecommunications companies across the nation. NISC is an industry leader providing advanced, integrated IT solutions for consumer and subscriber billing, accounting, engineering & operations, as well as many other leading-edge IT solutions.
At NISC, our focus is service excellence and innovative information technology solutions that enable our Member-Owners to excel in customer service, maximize diversification opportunities, and compete effectively in the changing utility and telecommunications industries..
Today, more than 20 million consumers in all 50 states, American Samoa, Palau, and Canada receive utility or telecommunications services from companies utilizing our advanced information technology systems. As a cooperative, NISC is owned by the users of our systems, our Member-Owners, providing an unparalleled working relationship and inside understanding on industry operations, changes and requirements. Our full complement of software and hardware solutions are... highlighted by innovations such as:
Internet bill payment and presentation
Graphical and mobile mapping systems
Activity costing systems
Energy deregulated billing
Telecommunications switch provisioning and many others
NISC and its subsidiaries employ more than 1,200 individuals in four cities (Lake Saint Louis, Mo., Mandan, N.D., Shawano, Wis. and Cedar Rapids, Iowa). Our staff represents a blend of seasoned professionals with in-depth knowledge of the telecommunications, energy and other utility industries along with talented technical engineers skilled in the most effective software development and delivery techniques. We are dedicated to providing quality service to our Members/Customers through unlimited phone support, online user documentation and knowledge bases, hands-on learning opportunities and site visits.