Company Confidential
Qualifications:
Education:
Bachelor degree in Computer Science, Information Systems, Business Administration and/or equivalent security certification (CISSP, SSCP, GIAC, CEH, etc).
Extensive experience in/with:
- Performing installation and configuration management of security systems and applications, including: policy assessment and compliance tools, network security appliances and security systems.
- Reporting unresolved network security exposures and misuse of resources or noncompliance situations using defined escalation processes.
- Developing and maintain documentation of security systems and procedures.
- Responding to security incidents and escalating security incidents as appropriate.
- Monitoring system logs, SIEM tools and network traffic for unusual or suspicious activity and interprets and make recommendations for resolution.
- Assisting in coordination of remediation required by audits, and document exceptions as necessary.
- Researching threats and vulnerabilities and, where appropriate, take action to mitigate threats and remediate vulnerabilities.
- Conducting penetration tests and vulnerability assessments on information systems and infrastructure.
- Monitoring security vulnerability information from vendors and third parties.
- Assisting in security investigations and compliance reviews, as requested by internal or external auditors.
- Assisting in the development of security architecture, policies, principles and standards.
- Researching, evaluating, designing, testing, recommending and planning the implementation of new or updated information security technologies.
Skills:
- Strong team-oriented interpersonal skills, with the ability to effectively interface with a broad range of internal/external contacts and roles, including vendors and IT-business personnel.
-
Excellent presentation, persuasion, written and interpersonal skills to include procedure and technical material, report/proposal preparation and oral presentation.
- Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
Technical knowledge of:
- Mainstream operating systems [for example, Microsoft Windows and Red Hat Linux] and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools.
Working knowledge of:
-
Network security technologies (e.g. SIEM, DLP, Firewalls, IDS, IPS, Web Application Firewalls, Load Balancers, Web Filtering proxies, Email Gateways, along with routing and switching fundamentals)
-
Risk assessment, threat and incident management methodologies.
-
Network infrastructure, including routers, switches and the associated TCP/IP network protocols and concepts.
-
Regulatory requirements such as PCI, FFIEC and Gramm-Leach-Bliley Act.
-
Governing security best practices such as NIST and CIS.
Ability to:
-
Contribute and collaborate as a team member.
- Work proactively and independently.
Knowledge of Security concepts and ability to apply them to business processes (concept of least privilege, handling of contractor access, concept of locking down, integration/production environments), etc.
To apply for this job email your details to Info@princetonstaffingsolutions.com