: Monitor and advise on information security issues related to Company systems to ensure the internal security controls are appropriate and operating as intended.
: Manage vendors relative to Information Security systems and services.
: Assist with the design, deployment, and maintenance of the following Information Security systems: File Integrity Monitoring, Security Vulnerability Management, Security Information and Event Monitoring, Encryption and Key Management, Certificate Management, Privileged Access Management, Web Application Vulnerability Management and Web Application Firewalls.
: Assist with the coordination and execution of Information Security projects and tasks.
: Coordinate response to information security incidents.
: Assist with the development and review of Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
: Assist with design and deployment of Information Security metrics tracking.
: Conduct security research in keeping abreast of latest security issues.
: BA or BS in Computer Science, Management Information Systems, or 10 yrs of commensurate work experience.
: Five+ years of progressive experience in computing and information security, including experience with TCP/IP network design and deployment.
: Required 5 Years: Progressive experience in computing and information security - including experience with TCP/IP network design and deployment
: Required 3 Years: Experience with security policy development, network penetration testing, application vulnerability assessments, risk analysis and compliance testing
: Required: Knowledge of info security standards (e.g., PCI DSS, ISO 17799/27002, etc.), rules and regulations related to info security and data analysis.
: Required: Strong analytical and problem solving skills
: Required: Excellent communication (oral, written, presentation), interpersonal and consultative skills
: Experience should include security policy development, security education, network penetration testing, application vulnerability assessments, risk analysis and compliance testing. CISSP, GIAC, or other security certifications desired.
: Knowledge of information security standards (e.g., PCI DSS, ISO 17799/27002, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, etc.) and desktop, server, application, database, network security principles for risk identification and analysis.
: Strong analytical and problem solving skills.
: Excellent communication (oral, written, presentation), interpersonal and consultative skills.
: Desired 10 Years: Work experience in Information Security Engineering/Analysis
: Desired: CISSP, GIAC, or other security certifications
: Desired: BA or BS in Computer Science/Management Information Systems
Information Technology - 2 years ago