Position Description
- Security technology implementation and ongoing support; including project leadership
- Information systems vulnerability assessment and penetration testing
- Threat and security alert assessment, including recommendations for remediation
- Participation in information security architecture design
- Information security consultation for I/S projects
- Information security incident investigation
- Security-related problem determination and resolution
- Identify opportunities for security continuous improvement
- Develop and maintain information security policies, standards, procedures and technical documentation
Required Qualifications
- Six years experience in IT, three years direct IT security experience,
- In-depth understanding of informationsecurity principles and best practices,
- Understanding of vulnerabilities, exploits and threats common to IT infrastructure,
- Knowledge of ISO 27000 series and NIST information security standards and guidelines,
- Knowledge of data and network encryption technologies and processes,
- Knowledge of security requirements related to Sarbanes-Oxley, Payment Card Industry Data Security Standard and Health Insurance Portability and Accountability Act,
- Knowledge of current networking security technologies and best practices; including firewall and wireless technologies,
- Knowledge of standard security incident investigation procedures and techniques,
- Experience in developing and implementing security in-depth solutions within a large and complex multiple platform environment (network, operating systems, applications and databases),
- Experience developing and implementing centralized security event logging and monitoring solutions, including event correlation systems,
- Experience with network-based and host-based intrusion detection systems, including implementation and tuning,
- Experience performing vulnerability scanning and penetration testing, including analysis of results,
- Experience in developing and implementing security hardening standards for Windows, UNIX and network systems,
- Experience in writing security policies, standards and procedures,
- Effective project-management skills, including the ability to plan, organize, prioritize and balance multiple projects to successful completion,
- Ability to work both independently and collaboratively as a team member,
- Adaptability, analytical and problem-solving ability, and attention to detail,
- High level of integrity and trust,
- must show enthusiasm, initiative and pride in work and a
- commitment to Company and our Misson.
Preferred Qualifications
- Bachelors Degree in Computer Science, MIS, Business Management, or related disciplines,
- CISSP, CISA, CISM or GIAC certifications,
- Knowledge of X9-TG-3 compliance requirements, FIPS 140-2 and key management best practices,
- Experience with Identity Management solutions; IBM Tivoli suite of security products, including TIM and TAM preferred,
- Knowledge of database security, including Oracle, DB2 and MS SQL,
- In-depth application security experience,
- Mainframe security experience, including RACF,
- Microsoft Active Directory security and administration,,
- Strong Scripting Skills (Windows and Unix Batch Files, Perl, VBScript, REXX, etc.),
- Experience implementing Public Key Infrastructure IT Security technical risk assessment experience
How To Apply:
I.T. Staff Group
Please submit your resume as an attachment in WORD FORMAT.
|
