• Job Description

  Req#: ITSEC006830

  Job Summary

  Responsible for implementing, and maintaining secure systems and networks. Works closely with cross-functional teams, including IT, network engineering, and cybersecurity, to ensure systems and networks are secure, compliant with applicable regulations, and protected against unauthorized access and other security risks. Identifies vulnerabilities and potential threats, and develops and implements security solutions to mitigate risks.

  WHAT YOU WILL BE DOING:

  • Implement, and maintain secure systems and networks, including, endpoint detection and response systems, vulnerability management platform, identity and access management platform and email gateway.
  • Perform vulnerability assessments, penetration testing, and risk assessments to identify and prioritize potential security risks and vulnerabilities.
  • Develop and implement security measures, policies, and procedures to protect systems and networks against unauthorized access, data breaches, and other security incidents.
  • Monitor and analyze security logs and events and respond to security incidents in a timely manner.
  • Collaborate with cross-functional teams to ensure security requirements are incorporated into system and network design, development, and implementation processes.
  • Provide technical expertise and guidance to IT and network engineering teams to ensure that security controls are effectively implemented and maintained.
  • Stay current on the latest security threats, technologies, and industry trends, and provide recommendations for improving security posture.
  • Participate in incident response activities, including investigation, containment, and recovery efforts, as needed.

  WHAT IS REQUIRED:

  • Bachelor's degree in Computer Science, Information Technology, or related field; or equivalent combination of education and/or experience.
  • 5 years' experience in system security engineering, network security or similar work.
  • Strong knowledge of security principles, best practices, and industry standards, such as NIST, ISO 27001, and CIS Critical Security Controls.
  • Hands-on experience with security technologies, such as firewalls, IDS/IPS, SIEM, Endpoint detection and response, and vulnerability scanning tools.
  • Experience with risk assessment, penetration testing, and incident response methodologies.
  • Strong understanding of networking concepts and protocols, such as TCP/IP, VLANs, VPNs, and routing/switching.
  • Familiarity with security-related regulations, such as HIPAA and PCI-DSS.
  • Excellent analytical, problem-solving, and troubleshooting skills.
  • Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders.

  PREFERRED QUALIFICATIONS:

  • Professional certifications such as CISSP, GCPEN, CISM, CEH, CASP+, CompTIA Security + or other similar credentials.
  • Proven track record of successfully implementing security programs and initiatives within an organization.
  • Knowledge of threat intelligence, security analytics, and advanced security technologies.

  Equal Opportunity Employer
  This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.

• About the company

  James Avery Jewelry offers high quality, artfully crafted jewelry in sterling silver, gold and gemstones. From a one man's endeavor in his mother-in-law’s garage, the company has grown into a team of 3,500 designers, craftsmen, sales associates, and support staff offering unique designs to customers throughout the nation. The majority of our designs are originated by skilled individuals in the company’s design studio and then finely crafted and produced by artisans predominantly in the Texas Hill Country.

Notice