OVERALL OBJECTIVE AND PURPOSE
Responsible for providing consultative, technical research and analytical support in one of the following areas of information security: Trends, standards, best practices, concepts and solutions,
Product design, selection, configuration, hardening, optimization and maintenance
Forensic and incident response efforts This is a principal level professional position.
PRINCIPLE DUTIES AND RESPONSIBILITIES
Assists Manager in providing for the safekeeping and integrity of company information assets by maintaining systems and controls that prevent unauthorized access, modification, disclosure, and/or deletion of information from computer networks and resources
Directly interfaces with business line technical experts to provide guidance on authorization, authentication and encryption solutions
Consults with business units regarding their changing business and technical plans to ensure that information security issues are addressed early in the project life cycle
Assists in investigations known or suspected security incidents or violations and prepare reports on them
Advises Manager of changes in technical, legal and regulatory arenas affecting information security and computer crime.
Serves as a security technical analyst and advisor on company initiatives to evaluate new technology resources for program compliance by effectively testing solutions using industry standard evaluation criteria, which includes the delivery of formal papers and technical reports on test results and findings.
Reviews IT-related procurement specifications for hardware, software, or services to ensure that they include adequate security requirements or specifications commensurate with the sensitivity of the system engineer
Principle duties involve the design, development, configuration, installation, troubleshooting, analysis and technical implementation of network security designs focusing on firewalls, Intrusion Detection Systems, Digital Signatures, Certificate Authorities, PKI?s, encryption schemas, routers, and centralized authentication and access control software
Provides security alerts on hardware/software as they become available
Monitors changes in hardware, software, telecommunications, facilities, and user requirements to ensure that security is not compromised or degraded.
Leads the design & establishment of the Information Security Organizations Rapid Response Team (RRT). RRT will be on call 7x24x365 to handle network intrusions, security breaches, cyber attacks, and internal investigations
Minimum education Bachelor’s degree in Computer Science or related field
YEARS OF EXPERIENCE
8 years experience in information security
ESSENTIAL SPECIAL TRAINING REQUIREMENTS
CISSP certification desired, SANS - GIAC certification is a plus
Proven and demonstrated accomplishments in the Information Security field. Member of various Information Security Organizations (i.e., ISSA, SANS, ISC2, ESF, etc.) preferred
Excellent verbal and written communication skills
Must have excellent project management skills, including the ability to plan, organize, & prioritize multiple projects to ensure target dates & goals are achieved.
Experience with Networking Security, UNIX, HTML, CGI, SSL and XML; practical experience with firewalls; perimeter protection, virtual private networks (VPN); intrusion detection in depth; advanced incident handling and forensics practices.
Working knowledge of graphic applications used for flow-charting and infrastructure depiction such as Visio and demonstrated ability to produce high quality documentation.
GTECH - 19 months ago
GTECH will make you happy when your number comes up -- lottery number, that is. One of the world's leading operators of lottery...