7 - 9 Month Contracting Opportunity
The Information Security consultant is a key role in our Information Security Governance team and works directly with the Senior Manager of Information Security and Audit Compliance to develop and oversee implementation of our security requirements throughout the client’s computing environment. Responsibilities include the following:
• Develop identity and access management system requirements, processes, and specs based on organizational needs
• Participates as SME in IAM implementation efforts; produces and updates documentation related to the IAM environment
• Provides identity and access management technical support, including researching and answering technical questions
• Identify and assess the adequacy and effectiveness of IT controls related to both SOX and minimum IT security and control requirements.
• Identify control gaps and improvement opportunities.
• Assist in the documentation of control narratives as well as IT policies and procedures.
• Assist in the design and preparation of metric and scorecard reporting on IT compliance and governance.
• Assist in the performance of IT governance and compliance processes.
• Develop security policies, procedure, and standards requirements to support the full life cycle protection of the client’s confidential information
• Research, recommend, deploy and integrate the security tools and processes needed to protect the client’s information assets and infrastructure
College degree in related field. A minimum of 7 years of Information Technology experience with at least 4 years of Information Security experience
• Experience with Cyber-ark is plus
•3-5 years in a security analyst position familiar with anti-virus, spam management, intrusion detection, and network security management
• 3-5 years in a security auditing position
• Experience with Identity access management solutions.
• Experience in Financial Services or Insurance Industry highly desirable.
• Good knowledge of SOX, COBIT or ITIL
• Experience with information/data threats or breaches (leakage, loss, theft)
• CISSP, CISA/M or similar certification a plus. ITIL certification a plus
• Understanding of network and Web related protocols (TCP/IP, UDP, IPSEC, HT/P, HTTPS)
• Good management and coordination skills
• Keeping current with regulatory requirements
• Familiar with Disaster Recovery, Business Continuity and Security a plus
• Excellent oral and written skills