Wednesday, November 12, 2014

Sr Information Security Engineer

Sr Information Security Engineer
Senior/Specialist
Accretive Solutions - Dallas
Accretive Solutions' Executive Search Practice has been engaged by our
client in the Services industry to recruit an Information Security Engineer
- Specialist to join their team. They are located in Dallas, in the uptown
area. Our client is a leader in their industry with a high value on
security and protecting their intellectual property and their customers.
Company has a great culture, tenured leadership, Industry leader with
little turnover. Position became available because the engineer was
promoted to lead another group. Company offers a generous retirement plan
of 8% contribution and excellent tuition reimbursement program. They have a
very strong IT budget and are looking to remain cutting edge and diligent
in protecting their environment. Salary is market.
The Specialist plays a key role in protecting the their information assets
through: deploying and managing technology solutions, advising and
assisting employees in securing their information, and assisting in
refining processes to ensure alignment with policy and security via a
thorough understanding the business needs. The position manages the
enforcement of corporate security policies and provides subject matter
expertise to departments on issues relating to Information Security and
will design and implement programs for security compliance, compliance
monitoring, and user awareness. This position reports directly to the
Director of Information Security.
Responsibilities:
This position will proactively refine processes for identifying threats,
develop metrics for security functions and will create and maintain
security reports in addition to providing guidance to system and network
administrators
Research, evaluate, plan, design, specify, and recommend technologies in
support of customers;
Work help desk tickets with team, evaluate performance, monitor metrics
Collaborate on training and documentation, provide in-house training for
IT staff
Maintain up-to-date detailed knowledge of the IT security industry
including awareness of new or revised security solutions, improved security
processes and the development of new attacks and threat vectors
Provide strategic solution planning to address gaps and lapses
Designs security architecture and aids in the definition of security
frameworks
Develop and communicate security strategies and plans to security team,
departmental staff, customers and stakeholders

Advise, counsel and educate management and functional teams on security
technologies, threats, vulnerabilities and risks
Recommends solutions to difficult security problems in existing and
developing systems
Maintain industry connections through electronic means, seminars and
conferences, industry contacts, professional organization and peers
Requirements:
BS/BA in Computer Science, Computer Engineering, Computer Information
Systems, Mathematics, or other related field
5+ years of combined IT Systems, Networking, Security work experience is
required, with a minimum of 3+ years in IT Security
Prefers a CISSP or similar training and experience
Strong written and verbal communication skills
Well organized and has the ability to mentor others
Solid multi-platform knowledge including their operational/security
considerations; Experience with UNIX, Windows, Linux, and security
platforms including firewalls, intrusion detection, incident response,
vulnerability testing, operating system hardening, regulatory compliance,
and data classification
Experience with Palo Alto and Juniper is a big plus
A strong understanding of Infrastructure IT Technologies, including
applications (web, email, database), architectures (multi-tier,
load-balanced, data warehousing), software/programming (XML, SOAP), and
asset inventory management
Experience with threat assessment and attack concepts, including:
sniffing, spoofing, man-in-the middle, buffer overflows, and OWASP
Must have an understanding of security architecture and design, both local
(Common Criteria, TCB, ring states, channelization) and systematic (zoning,
tiering, DMZ) as well as basic security concepts: defense-in-depth, least
access, social engineering CIA/TPA/PDC, non-repudiation, rotation,
separation of duties
Experience with information/data protection concepts, including data
classification, value, lifecycle maintenance, destruction and reuse as well
as experience implementing security solutions
A thorough understanding of networking concepts, including topology and
technology, the TCP/IP protocol suite, standard application ports and
network behaviors is essential
Instructions:
Please contact Eric at
egentry@accretivesolutions.com
Corporate Statement:
Accretive Solutions is a national professional services firm providing
Consulting, Staffing, and Outsourcing solutions to a wide variety of
organizations from start-ups to the Fortune 500. We specialize in solving
problems in Accounting & Finance, Governance & Compliance, Information
Technology and Business Transformation. Our Executive Search practice has a
long and successful history of identifying great talent on behalf of our
clients and their organizations.
Throughout our 30 year history performing Executive Search, we have earned
an excellent reputation for delivering results and operating with the
highest degree of integrity and professionalism. One of the things that set
us apart is our practice of always doing what is in the best interests of
those we serve - both clients and candidates alike.
Accretive Solutions is an equal opportunity employer.