Job Description

About the job
We are seeking an experienced IT Windows Server Security Specialist to join our team. The successful candidate will be responsible for ensuring the security of our Windows server environment, as well as maintaining and improving our security protocols and procedures.

Requirements

Requirements

Design, implement, and maintain security policies and procedures for our Windows server environment
Conduct regular vulnerability assessments, penetration testing, and security audits to identify and address security risks
Monitor server logs and alerts to identify and respond to security incidents
Investigate and resolve security incidents, including malware infections, unauthorized access, and data breaches
Collaborate with other IT teams to implement security best practices and standard
Keep up-to-date with the latest security trends and technologies and make recommendations for improvements to our security posture

Qualifications

Bachelors degree in Computer Science, Information Security, or related field
At least 5 years of experience in IT security, with a focus on Windows server security
Knowledge of Windows server operating systems, Active Directory, and Group Policy
Experience with security technologies such as firewalls, intrusion detection and prevention systems, and anti-malware software
Experience with vulnerability assessment tools and techniques
Strong analytical and problem-solving skills

Quick response

Required Knowledge

• K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
• K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• K0004   Knowledge of cybersecurity and privacy principles.
• K0005   Knowledge of cyber threats an`d vulnerabilities.
• K0033   Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
• K0042   Knowledge of incident response and handling methodologies.
• K0044   Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
• K0106   Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
• K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• K0324   Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
• K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

Required Skills

• S0007   Skill in applying host/network access controls (e.g., access control list).
• S0054   Skill in using incident handling methodologies.
• S0077   Skill in securing network communications.
• S0079   Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
• S0121   Skill in system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
• S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Required Abilities

• A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).