Information Security Specialist and above

TSYS Prepaid is is a leading provider of corporate payroll card solutions that help employers offer a direct-deposit option to their employees. At TSYS, they do more than support payments they support people. In fact, they believe that payments should revolve around people, not the other way around a principle they call People-Centered Payments®.

Description 3rd Shift: 6pm to 6am Every day, the people of TSYS® improve lives and businesses around the globe through payments. We make it possible for millions of people to move money between buyers and sellers using our payments solutions including credit, debit, prepaid and merchant services. We are "People-Centered Payments", and our team has the unique opportunity to help create a world in which payments make people's lives easier and better. This is both a tremendous honor and an important responsibility for those who accept the challenge. If you are looking to make a valuable difference for people everywhere — and for yourself — TSYS may be the right place for you.

* Evaluates, tests, recommends, develops, coordinates, monitors, and maintains information security policies, procedures and systems, including hardware, firmware and software . * Ensures that IS security architecture/designs, plans, controls, processes, standards, policies and procedures are aligned with IS standards and overall IS security . * Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents. Investigates and resolves security incidents and recommends enhancements to improve security. * Develops techniques and procedures for conducting IS security risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents. * Coaches Analysts Sr and Analysts II, I of how to monitor complex systems and response to known and emerging threats against the TSYS network via intrusion detection software * Guides on detailed, comprehensive investigation of security issues, i.e. to review security log data, interpret data in support of security event management process from various data feeds and triage on a wide variety of security events. * Can provide investigation by himself. * Manages incident handling processes which include implementation of containment, protection and remediation activities. * Keeps up-to-date knowledge of new and emerging threats that can affect the organization's information assets by analyzing of third party software/solutions, * IT configuration changes (including access control requests), and network/system architecture from risk perspective * Responsible for the design and configuration of security systems, including proxy, remote access, mail gateway, intrusion prevention, wireless networking, data leak prevention, security information and event management and web application firewalls. * Assesses and disseminates threats related to the enterprise in regard to current vulnerability by managing and developing an emerging threat model. * Assesses risks based on changes to implementation of ISO(International Organization for Standardization)/BSO(Business Services Online); enhances knowledge of PCI(Payment Card Industry)/Logical Security guidelines and models, HIPPA(health insurance portability and accountability act), PII(Personally Identifiable Information) , and Card personalization. * Guides on creating cost effective solutions for system/application development regarding Information Security processes and concepts in applicable systems and software. * Performs day-to-day Information Security functions pertaining to computer security software products and processes. * Works closely with subject matter experts and management to develop skill set for non-routine work. * Enhance understanding of business objectives and helps providing direction based on risk, Corporate Security Policy, and association and regulatory guidelines. * Develops long term strategies for conducting system penetration, vulnerability and web application testing, risk assessments, policy creation.

Minimum Qualifications * Bachelor's Degree - Bachelor's degree in Computer Science, Info Security, or related field * Typically Minimum 6 Years Relevant Exp - Including network operations or engineering or system administration on Unix, Linux, MAC(Message Authentication Code), or Windows; proven experience working with security operations, intrusion detection systems, Security Incident Even Management systems, and anti-virus collection logs; including knowledge of industry standard security compliance programs ((PCI(Payment Card Industry), SOX(Sarbanes-Oxley) , GLBA(Gramm Leach Bliley Act)), etc.). * Knowledge of industry standard security compliance programs ((PCI(Payment Card Industry), SOX(Sarbanes-Oxley) , GLBA(Gramm Leach Bliley Act), etc.) * Professional certifications CISSP(Certified Information System Security * Professional),CISM(Certified Information Security Manager) ,CISA(Certified-Information-Systems-Auditor),GSEC(GIAC Security Essentials) ,Network +,Security + Role Expectations * SKILLS / KNOWLEDGE - Having wide-ranging experience, uses professional concepts and company objectives to resolve complex issues in creative and effective ways. Some barriers to entry exist at this level (e.g., dept./peer review). * JOB COMPLEXITY - Works on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors. Exercises judgment in selecting methods, techniques and evaluation criteria for obtaining results. Networks with key contacts outside own area of expertise. * SUPERVISION - Determines methods and procedures on new assignments and may coordinate activities of other personnel (Team Lead). * Risk Assessment - Ability to identify, communicate, and mitigate risk within technical solution designs Industry Knowledge - Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them. * Incident Response - Knowledge and skills to contribute to all phases of Incident Response.