GNC • Pittsburgh, PA 15222
Job #2700614223
Company Description
As the global leader in health and wellness innovation since 1935, GNC motivates people to reach their goals with the most trusted and exciting selection of products in the industry.
As #TeamGNC, we work hard to ensure that our consumers come first. We are always cultivating and collaborating on new ideas to bring innovative solutions to the forefront and testing new solutions to translate goals into action. Our team members are advocates for change and innovation.
There is no greater gift than good health and no greater satisfaction than helping others to achieve it. Be a part of helping others to Live Well!
Job Description
The Information Security Administrator is responsible for a broad range of tasks, including the day-to-day administration of information security tools and devices, provisioning and de-provisioning, support for security information and event management (SIEM), audit participation and significant responsibilities for the security administration of a wide variety of applications across the enterprise. The Information Security Administrator interacts closely with IT Operations, Application Development, Compliance, and business departments.
Perform user and access administration on designated systems and applications
Perform system security administration on designated platforms:
Operating Systems
Applications and Network Security Devices
Standards and Procedures with industry best practices and vendor guidelines
Perform installation and configuration management of security systems and applications: Policy Assessment, Compliance Tools, Network Security Appliances and Host-Based Security Systems
Perform threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities
Apply patches where appropriate and, at the direction of Director of Information Security, remove and mitigate known control weaknesses, such as unnecessary services, applications, or redundant user accounts
Locate and repair security problems and failures
Collate security incident and event data to produce monthly reports
Perform normal and exceptional processing of user access and change requests
Report unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes
Assist and train junior team members in the use of security tools, the preparation of security reports and the resolution of security issues
Develop and maintain documentation for security systems and procedures
Research, recommend, evaluate and implement information security solutions that identify and/or protect against potential threats, and respond to security violations
Provide guidance to junior members of the team
Respond, resolve, or escalate reported security incidents
Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity
Interpret activity and make recommendations for resolution
Investigate and resolve security violations by providing postmortem analysis to illuminate the issues and possible solutions
Monitor internal control systems to ensure that appropriate information access levels and security clearances are maintained
Administer and maintain end-user accounts, permissions and access rights for all systems
Interact closely with the audit group and outside Assessors
Manage the collection of observation responses, evidence and remediation plans
Provide oversight and coordination of audit finding remediation including tracking progress and providing status and updates to the security and remediation project team
Support e-discovery processes to include identification, collection, preservation and processing of relevant data
Additional duties as assigned
Qualifications
Bachelor's Degree in Information Systems or related field; or an equivalent combination of education and experience sufficient to successfully perform the key accountabilities of the job required
2+ years progressive IT, Network, or Application Security experience required
Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management
Experience with common information security systems and tools, such as Security Information Event Management, Vulnerability Management, Intrusion Detection/Prevention, Web Content Filtering, Anti-Virus/Malware and Data Loss Prevention
Understand PCI and SOX requirements as they related to user account provisioning
Experienced with Active Directory and user account access management tools
Maintain security integrity and confidentiality to information and access required to perform job duties
Audit, compliance or governance experience preferred
Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously
Ability to work well under minimal supervision
High degree of proficiency MS Office Suite, Outlook & Internet applications
Strong analytical, prioritizing, interpersonal, problem-solving, presentation, budgeting, project management (from conception to completion), & planning skills
Strong verbal and written communication skills (including analysis, interpretation, & reasoning)
Solid understanding and application of mathematical concepts
Ability to develop and maintain collaborative relationships with peers and colleagues across the organization, as well as, internal and external clients
Ability to work well autonomously and within a team in a fast-paced and deadline-oriented environment.
Ability to work with and influence peers and senior management
Self-motivated with critical attention to detail, deadlines and reporting
Additional Information
All your information will be kept confidential according to EEO guidelines.
GNC Holdings LLC is an Equal Opportunity Employer
GNC • Pittsburgh, PA 15222 • 5 Days Ago
GNC • Weirton, WV 26062 • 5 Days Ago
GNC • Fairlawn, OH 44334 • 9 Days Ago
GNC • Youngstown, OH 44515 • 7 Days Ago
Midnight Blue Technology Services • Pittsburgh, PA 15289 • 9 Days Ago
All Lines Technology • Pittsburgh, PA 15289 • 5 Days Ago
Tyto Athene, LLC • Pittsburgh, PA 15289 • May 27