Information Security Analyst


Starfire Dynamics

2019-09-04 00:30:21

Job location Trenton, New Jersey, United States

Job type: fulltime

Job industry: I.T. & Communications

Job description

Information Security Analyst

Work Location: Trenton, NJ

Term: 10 months

Years of Relevant Experience: 12+ years

Preferred Education: 4-year college degree or equivalent technical study

The Information Governance Security Consultant is responsible for planning and maintaining enterprise-wide information security framework and governance like NIST CSF, PCI DSS on premise and cloud.

The consultant will ensure that the design/implementation of NIST CSF, PCI DSS and Risk platforms to meet security requirements on-premise and cloud. The consultant must have experience in Network Security design and IT security engineering and architecture. This includes hands-on experience designing and deploying security solutions, strong experience in network security design, architecture and implementation.

Must have Domain expertise in 3 or more of the following areas: governance and compliance, cloud security, network security, network architecture and routing, Windows platform security, UNIX/Linux platform security, encryption, threat management, application security, database management / security, data governance, entitlements management, identity and access management, data loss prevention, PKI, authentication technologies.

The consultant must have the experience and ability to perform systems security or vulnerability analysis and design. They also must have:

  • Experience and understanding of governance frameworks like NIST CSF, PCI DSS.
  • Experience as a project manager is required.
  • Experience and understanding in routing protocols; of Network Layer concepts and technologies, packet- level understanding of basic TCP/IP protocols, and of VPN technologies to include GRE and IPsec.
  • Detailed understanding and configuration experience of routing firewall and load balancing technical capabilities.
  • Through knowledge of IPS/IDS and Web proxies, application security, authentication and access management, security threats and security tools.
  • Hands-on experience with ethical hacking and incident response. Experience with Security Audit project such as PCI DSS.

Responsibilities:

  • Experience and understanding of governance frameworks like NIST CSF, PCI DSS.
  • Experience as a project manager is required.
  • Advise and share best practices, compliance and processes.
  • Maintain oversight of the program ensuring compliance objectives are consistently met.
  • Coordinate remediation plan and facilitate communication with stakeholders within the Judiciary.
  • Collaborate with cross-function teams to collect evidence for the assessment.
  • Maintain documentation in support of processes and controls.
  • Proactively identify compliance issues through ongoing compliance management testing and validation.

Qualifications Required:

  • Bachelor s degree in Computer Science,
  • Engineering, MIS or related field required with
  • 12+ years relevant experience; or Master s degree with 8+ years relevant experience; or equivalent work experience
  • 4+ years of IT experience
  • 2+ years of Information Security experience
  • 2+ years of project manager experience
  • 2+ years of experience with cloud security experience
  • Strong communication skills in both oral and written presentations and reports
  • Demonstrate leadership and project/programs management skills

Qualifications Preferred:

  • Security Certification a plus PMP, CISSP, GIAC, CRISC, and or CCNP/CCNA

Skills are to include:

  • Cloud Security Design
  • Network Security Design
  • IT Security Architecture, designing & deploying security solutions
  • Experience in network security design, architecture and implementation
  • Domain expertise in network security,
  • Domain expertise network architecture and routing
  • Domain expertise Windows platform security
  • Domain expertise UNIX Linux platform security
  • Domain expertise encryption
  • Domain expertise threat management
  • Domain expertise application security
  • Domain expertise database management/security
  • Domain expertise data governance
  • Domain expertise Entitlements management
  • Domain expertise identity and access management
  • Domain expertise data loss prevention
  • Domain expertise PKI
  • Domain expertise authentication technologies
  • Experience and ability to perform systems security or vulnerability analysis and design
  • Knowledge of routing protocols
  • Experience and understanding of Network Layer concepts and technologies
  • Packet-level understanding of basic TCP/IP protocols
  • Experience and understanding of VPN technologies to include GRE and IPsec.
  • Detailed understanding and configuration experience of routing firewall
  • Detailed understanding and configuration experience of load balancing technical capabilities.
  • Through knowledge and experience of IPS/IDS and Web proxies
  • Through knowledge and experience application security, authentication and access management
  • Through knowledge and experience security threats and security tools.
  • Hands-on experience with ethical hacking and incident response.

The ideal candidate can:

  • Demonstrate expertise in teaching, conveying technical and or functional courses and concepts.
  • Develop appropriate work programs and use to effectively schedule tasks and assignments.
  • Identify improvements to project standards to achieve high quality services and products.
  • Assessment and recommendations of on-site security compliance.
  • Management or Lead Experience (preferred)
  • Experience working in a DevOps environment (preferred) and a cloud computing environment (preferred)

REQUIRED SKILLS

YEARS OF EXPERIENCE

WHEN THE SKILL WAS LAST USED

Governance Experience (NIST CSF, PCI DSS) in an Enterprise Environment

Information System Security

Project Management Experience

IT Security Best Practices regarding (a) networks and networking including protocol analysis, anomaly detection, and troubleshooting

IT Security Best Practices regarding Windows and *nix Servers and workstations

Vulnerability assessment tools including but not limited to the following technologies; databases, web based applications, Windows and *nix file serve

HIPAA, IRS and Social Security Administration information security standards and regulations

4-year college degree or equivalent technical study

- provided by Dice

Inform a friend!

location

Top