Incumbent must assure that the EDMC philosophy: quality services to clients; development, growth, involvement, and recognition of employees; sound economic principles; and environment which is conducive to innovation, positive thinking and expansion – is considered in carrying out the duties and responsibilities of this position.
EDMC is currently looking for a resource to join our IT Information Security team as a full time IT Security contractor. We are looking for an entry or mid-level contract position with the possibility of rolling into a salaried position.
EDMC IT Security Overview:
At EDMC, the IT Security Team works extensively every day to protect the confidentiality, availability and integrity of EDMC’s information.
EDMC IT Security utilizes state-of-the-art technology and processes across 3 core pillars:
• Risk Management: Identify, assesses and reduced IT-related risk within levels of tolerance set by enterprise executive management.
• Security Operations Management: Identify and respond to unusual events on EDMC systems that may indicate malicious activity, including but not limited to:
o Security Event & Incident Management: The monitoring of security related events
o Incident Response: The response process for security related incidents
o Vulnerability Management: A process of utilizing technology to assess the vulnerabilities that may exist within internal IT systems
o Data Loss Prevention (DLP): The configuration of technology to reduce critical information loss.
o eDiscovery: A process of utilizing technology to search for critical pieces of data relevant for Legal and HR team requests.
o Database Activity Monitoring: A process of utilizing technology to monitor suspicious database activity.
o File Integrity Monitoring: A process of utilizing technology to monitor suspicious activity related to the integrity of critical data and files.
o Intrusion Prevention/Detection: Monitoring systems to detect various suspicious activities.
• Third Party Risk Management: Identify risks related to procurement/outsourcing of information technology (IT) services.
As a contractor within the EDMC Information Security Team you will have the opportunity to work management in all core areas of IT Information Security, gaining first-hand experience within IT Security Operations, as well as having the opportunity to learn about the leading edge Information Security controls.
Key Job Elements:
Exposure and responsibilities may include, but are not limited to, assisting in the:
• Development of a more efficient and systematic method of capturing metrics within the IT Ticketing System.
• Development and rollout of a cloud services survey.
• Updating security related documentation (policies, procedures, standards, etc.).
• Participating in Security Training Lab exercises.
• Development and delivery of security awareness training programs.
• Monitoring of security consoles for policy violations and work to remediate identified issues.
• Developing security plans.
• Reviewing security log files of critical infrastructure components and resolve security issues.
• Developing and implementing intrusion detection processes and procedures for both host and network based solutions.
• Performing forensic investigations of security incidents.
• Developing and maintaining security incident handling processes, security policy enforcement.
• Configuring technologies and developing process and procedure documentation.
• Reviewing and revising security policies and performs high risk and sensitive security strength testing and analysis.
• Performing security strength testing / ethical hacking of the EDMC information technology environment.
Reports To: Supervisor
Supervises: Works under close supervision with no direct reports.
Interacts With: Routinely interacts with others inside the function. may have contact with customers.
Job Requirements (Knowledge, Skills and Abilities):
• We are looking for a motivated, self-starter with great communication skills and an ability to learn on their own.
• Currently has obtained or is actively pursuing a bachelor’s degree in an Information Technology related field of study
• Works well with others in a collaborative team environment
• Is eager to learn the intricacies of the Information Security domain
• Will work hard to learn while on the job and apply skills where applicable to support the team
– Able to conduct themselves in accordance with the highest standards of moral, ethical and legal behavior in the course of professional activities.
– Maintains current knowledge of security techniques and technologies and applies that knowledge to develop security programs that mitigates the security risk of EDMC.
– Researches emerging products, services, protocols and standards in support of security enhancements and development efforts. Makes recommendations to management on researched items.
– Ensures that all applicable policies and standards are strictly adhered to in the execution of their duties.
– Understands the pillars of information security (confidentiality, integrity, and availability) and able to recognize and apply it.
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. The term “qualified individual with a disability” means an individual with a disability who, with or without reasonable accommodation, can perform the essential functions of the position. While performing the duties of this job, the employee is regularly required to communicate professionally in person, over the telephone, through email and other electronic means, move about the office or school, handle various types of media and equipment, and visually or otherwise identify, observe and assess. The employee is occasionally required to lift up to 10 pounds unless otherwise specified in the job description.
The intent of this job description is to provide a representative and level of the types of duties and responsibilities that will be required of positions given this title and shall not be construed as a declaration of the total of the specific duties and responsibilities of any particular position. Employees may be directed to perform job-related tasks other than those specifically presented in this description. Education Management Corporation is an Equal Opportunity Employer and embraces diversity as a critical step in ensuring employee, student and graduate success. We are committed to building and developing a diverse environment where a variety of ideas, cultures and perspectives can thrive.