We are looking for a Unix/Linux Admin to support multiple Security Applications as a SME in the linux space.
Accountable for activities that ensure all users in the organization have the appropriate levels of access to applications, systems and data resources. Evaluates and maintains procedures to safeguard information systems assets from intentional or inadvertent access or destruction. Ensures compliance with Security regulations and laws. Recommends and implements changes to enhance security controls and prevent unauthorized access. Responsible for role-based implementation, role management, and access governance. Implements and manages the enterprise security support model for new applications. Monitors systems, networks, servers, and databases for potential system breaches. Responds to alerts from information security tools. Assigned to projects of medium size/scope. Provides consultative expertise on a wide variety of project and initiatives.
• Performs a lead role in Linux and Unix Security Application Development and Configurations
• Responsible for the end-to-end completion of security requests on the Linux Platform
• Provisions user security roles and manages security groups across systems, platforms, databases, applications, servers, directors and folders related to AIX, Rhel/Linux on Power, and RHEL
• Analyzes existing agent structures to improve and streamline structures, security administration and improve end-user experience related to CPU Consumption on the scope platforms
• Responsible for highly sensitive security access for outsourced vendors and ensuring compliance with policy, regulations and contractual requirements.
• Accountable for highly sensitive emergency processes.
• Creates or maintains application scripts and uses application specific tools to create or manage application security.
• Tracks and documents security issues and requests, actively monitors work queue for File Integrity Monitoring (FIM)
• Plans, coordinates, communicates, tests and implements audits ensuring that access entitlements are appropriate for job requirements.
• Creates and coordinates completion of detailed security reports to fulfill audit, management or business owner requirements.
• Accountable for follow-up of all security work requests including collaborating with other IT areas to ensure timely completion/resolution and obtainment of appropriate approval levels.
• Interfaces with users to understand new capabilities, implement procedures, ensure security procedures have been communicated properly and are being adhered to.
• Provides input to drive process improvements.
• Works closely with business areas and IT partners on troubleshooting, pre-implementation activities and to assess application security.
• Maintains and creates operational procedures and maintains Security Knowledge Base.
• Performs system monitoring activities, identification and evaluation of security threats, breaches and vulnerabilities.
• Responds to security alerts.
• Responsible for on-call release support.
• Acts as lead liaison for internal and external audit requests and activities. Leads remedial activities as the result of audit findings.
• Defines scope of operational initiatives and adjusts priorities to support workload.
• Provides subject matter expertise, leadership and guidance to work teams and end users on security policies, standards and procedures and processes.
• Investigates business processes to understand and implement security requirements weighing business needs and security risks and resolving issues.
• Researches solutions works with vendors to enhance Security Monitoring Program.
• Coordinates and documents exceptions to security policy as directed by the Exception Governance Team.
• Develops training content as needed.
• In-depth knowledge of Information Technology field and computer systems
• Demonstrated organizational skills
• Demonstrated ability to adapt to change and collaborate as part of a team
• Ability to manage tasks independently without close supervision and take ownership of responsibilities
• Ability to learn from mistakes and apply constructive feedback to improve performance
• Must demonstrate initiative and effective independent decision-making skills
• Ability to communicate technical information clearly and articulately
• Must have an understanding of the systems development life cycle
• Must have advanced security knowledge of the organization's existing platforms, systems, databases, and application security and are able to handle most regular issues independently.
• Advanced analytical thinking, problem solving, quantitative analysis ability.
• Must have an advanced understanding of Information Security concepts, protocols, industry best practices, and regulatory requirements.
• Must have advanced proficiency with RACF, TSO and tools used to administer security on the mainframe
• Must have advanced proficiency with Active Directory groups and user accounts, Windows folder structures and folder security.
• Proficiency with Windows skills are required, e.g., Windows Explorer, Word, Excel, PowerPoint, Outlook, etc.
• Must have advanced proficiency of UNIX/Linux security and tools used to administer security in these environments
• Must have advanced proficiency of LDAP groups and user accounts and tools used to administer security in this environment
• Must have advanced proficiency with database security and tools used to administer security within the various databases, e.g., UDB, DB2, SQL and Oracle
• Must demonstrate expertise with security management tools
• Strong knowledge of Florida Blue business processes is required
• Works without daily supervision to meet customer expectations
• High critical thinking skills to evaluate alternatives and present solutions that are consistent with business objectives and strategy
• Experience using Agile methodology specific tools, languages and specialty skills may vary
5-8 year of related work experience or equivalent combination of transferable experience within IT Security
Related Bachelor's degree in an IT related field or relevant work experience
COMPTIA Security+ or equivalent