Tuesday, March 3, 2015

Security Analyst

Job Summary:  
Security Analyst
Phone Hire
State Farm in Bloomington, IL
12+ Months, long term contract

Security Analyst –  Bloomington, IL 
My customer, an Insurance company located in Bloomington, IL has a long term contract available for a Security Analyst.

 seeking an experienced IT professional that has a solid background working as a Security Analyst in large corporate enterprises. The person chosen for this role must have a solid background working in business application security assessing, designing, and implementing capabilities, solutions, or preventative/remediation controls to protect proprietary/confidential data and systems in accordance with industry standards and governance/compliance requirements. Business Application security analysts apply industry standard risk management techniques to determine effectiveness of recommended or existing controls and create action plans that accept, mitigate, transfer, or avoid identified risks.

Significant duties and responsibilities for this position include:

  • Applies information security common bodies of knowledge from industry organizations in conjunction with Client's Enterprise Information Security Policy and Enterprise Privacy Policy.
  • Participates with business partners in strategic design to translate security and business requirements into technical designs and solutions.
  • Researches/investigates emerging security topics, threats, capabilities, and solution options. Applies research to policy and governance, technology strategies, and solution architecture.
  • Understands the evolving governance, compliance, and regulatory landscape as it pertains to information security, advises on appropriate areas of subject matter expertise, and assesses efficacy of controls.
  • Implements, integrates, and supports Clients infrastructure with technical applications and related vendor software/hardware
  • Performs research on infrastructure technologies and tools; designs and implements infrastructure architecture; implements and upgrades products
  • Responsible for the integrity of the infrastructure through product selection, development, understanding and managing the infrastructure, performance, and stability
  • Develops, follows, and/or implements infrastructure policies, strategies, guidelines, standards, and procedures
  • Interfaces with business partners to:
    - Understand their technical needs
    - Design, develop, or recommend integrated technical solution
    - Implement and support integrated technical solutions

Other duties and responsibilities of this position:
  • Significant understanding of OWASP principles, application architecture, ESAPI Framework, and ITIL principles.
  • High level understanding of privacy and compliance considerations/regulations (state breach requirements, GLBA, HIPAA, etc.).
  • Experience evaluating/working with third-party service providers.
  • Protects Client data and resources from accidental or intentional disclosure, modification and destruction by unauthorized personnel.
  • Implements established security patterns and policies.
  • Contributes to the development of security strategies, guidelines, standards and procedures.
  • Continual education and research with emerging security best practices
  • Identify and document enterprise risks

Qualifications/skills and experience/knowledge required for this position:
  • Must have experience in one of the following:
    • Windows Server Security (File ACLs, Hardening, GPOs)
    • UNIX/Linux Security
    • Network security
    • Directory Security
  • Must have experience in one of the following:
    • Java Security Concepts (WebSphere, Tomcat, JBOSS is preferred)
    • IIS/.Net Security
    • Authentication Configuration/Troubleshooting (Kerberos, LDAP, Basic Auth)
    • SANS Security Essentials (GSEC), Security +, or CISSP certification.
    • Application Vulnerability Management Experience
Rohit Sood, Resource Professional
15 Exchange Place, Suite #500
Jersey City, NJ  07302
Work: (201) 340-8700 Ext.406