The tasks for the Security Analyst include, but are not limited to, the following:
- Act as a Lead Consultant/Subject Matter Expert/domain champion
- Work on development of Information Security plan (ISP) and performing gap analyses
- Assist in updating/developing ISP, policies, training materials, website, procedures, controls, etc.
- Assist with audit remediation validation for compliance to security policies/standards
- Assist in the evaluation of security risk assessments and gap analysis
- Knowledge transfer to and training of State Fund employees
- Assist in updating/developing policies, training materials, website, procedures, controls, etc.
- Assist in creating policy compliance procedures including compliance measurement reports/dashboard
- Assist with audit remediation validation for compliance to security policies/standards
- Assist with the implementation of the various security tools
- Knowledge transfer to and training of State Fund employees
- Attend meetings/Represent Enterprise Security as a Senior Lead for all security matters
- Act as Lead/Co-Lead/Backup on assigned Enterprise Security project
- Knowledge transfer to and training of State Fund employees
Technical Knowledge and Skills:
- Hardware: network switches, routers, load balancers, servers, storage systems
- Operating Systems: UNIX, Linux, Windows
- Network: LAN, WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ
- Network Protocols such as TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, NFS, Samba, etc
- Active Directory
- Vulnerability Assessments
- Penetration Testing
- Security
- Mainframe DB2
- Oracle databases
- Best Practices Standards: ISO 27001/27002, PCI:DSS v3; GLBA; HIPPA/HITECH; NIST 800-53; California State Administrative Manual.
- Excellent communication, technical writing, and customer service skills
- 5-15+ Years’ experience in information security, Audit, and Security/Audit Compliance.
- CISSP Required. Other highly desirable security certifications may be substituted for CISSP (for e.g., CISM, CISA, etc.)
- Extensive experiencing conducting ISO 27k gap assessment preferred but not required
- Should have extensive experience in leading IT security/compliance/audit projects.
Ruchika Sinha| Resource Manager
48531 Warm Springs Blvd # 405 Fremont, CA 94539
Mobile: 510-378-1964 | Fax: (775)201-9919
Email: ruchikas@caspex.com
Web: www.caspex.com