SecurityRecruiter.com has been engaged by a highly desirable and highly recognized employer to add to its information security team. This is an opportunity to be part of a tightly knit team working for a manager who is unlike many managers you’ll likely find across the security profession. You’ll be eligible for 3 weeks of vacation in your first year of employment. Vacation can grow to 28 days plus regular holidays in future years. Your new employer will financially support coaching, training and certification renewal for you.
In this role, you will design and maintain controls for information security. You will review audit logs, conduct vulnerability assessments and conduct forensic investigations. This role works closely with customers, colleagues and business partners. The Analyst will interact with security vendors and service providers. The Analyst will address audit investigation requests. This role has on-call responsibility one week per month.
The Analyst will assess technical specifications and requirements of infrastructure and applications, assist in the creation of security policies, standards, procedures and training for staff. The analyst will create and maintain security standards to govern operational practices covering topics such as operating systems, encryption, network security, authorization, auditing, authentication and more. The Analyst will engineer security solutions for applications, operating system platforms, security testing and vulnerability assessment tools, methodology and procedures.
- BA/BS in Computer Science, MIS, Information Systems, Engineering or a related field of study. Equivalent work experience will be considered if a candidate does not have a 4-year degree.
- Requires 5+ years of information security experience. This experience should include exposure to information security at the enterprise level along with audit and compliance practice experience.
- Demonstrated problem solving skills, relationship building skills, presentation skills, communication skills and customer service skills.
- Demonstrate an ability to build security, risk and compliance solutions around business needs.
- The ability to design and manage information security solutions from functional requirements through the implementation of security controls and technologies (design, testing, implementation and maintenance)
- Knowledge of network infrastructures to include Web Application and Device Security, Vulnerability Assessments, Intrusion Detection, VPN, Firewalls, etc.
- Knowledge of Perl, Shell and/or HTML, C, SQL, J2EE
- Certifications to include the CISSP, GSEC, GCFA, CCNA or CCSP are preferred.
Preferred Technical Skills
- Experience designing and engineering secure architectures
- Knowledge of Trojans, Spyware, Malware, Viruses, etc.
- Proper evidence handling procedures for Computer Forensics. Experience handling evidence such as hard drives and volatile data.
- Extensive knowledge of FAT/NTFS/Ext2/Ext3 File Systems
- Cryptography, PKI, and Steganography Fundamentals
- Advanced Computer Forensic Concepts
- Security Incident Handling/Response and Risk Management
- HIDS, NIDS, Firewalls, Networking, and Perimeter Security Fundamentals and Best Practices
- Risk Assessment Fundamentals
- Computer, Network, and Policy Auditing Fundamentals
- Wireless Network Security and RF Characteristics