Monday, June 25, 2018

Senior Security Analyst

Position: Senior Security Analyst 
Location – Pleasanton, CA
Duration – 6 months +

The tasks for the Security Consultant include, but are not limited to, the following:     
1.Act as a Lead Consultant/Subject Matter Expert/domain champion       
2.Work on development of Information Security plan (ISP) and performing gap analyses       
3.Assist in updating/developing ISP, policies, training materials, website, procedures, controls, etc.       
4.Assist with audit remediation validation for compliance to security policies/standards       
5.Assist in the evaluation of security risk assessments and gap analysis       
6.Knowledge transfer to and training of State Fund employees       
7.Assist in updating/developing policies, training materials, website, procedures, controls, etc.       
8.Assist in creating policy compliance procedures including compliance measurement reports/dashboard       
9.Assist with audit remediation validation for compliance to security policies/standards       
10.Assist with the implementation of the various security tools       
11.Knowledge transfer to and training of State Fund employees       
12.Attend meetings/Represent Enterprise Security as a Senior Lead for all security matters       
13.Act as Lead/Co-Lead/Backup on assigned Enterprise Security projects       
14.Knowledge transfer to and training of State Fund employees     

TECHNICAL KNOWLEDGE AND SKILLS:
• Hardware: network switches, routers, load balancers, servers, storage systems        
• Operating Systems: UNIX, Linux, Windows        
• Network: LAN, WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ        
• Network Protocols such as TCP/IP, SNMP, SMTP, NTP, DNS, LDAP,  NFS, Samba, etc        
• Active Directory        
• Vulnerability Assessments        
• Secure Software Development Lifecycle        
• Penetration Testing        
• Security        
• Mainframe DB2        
• Oracle databases        
• Best Practices Standards: ISO 27001/27002, PCI:DSS v3; GLBA; HIPPA/HITECH; NIST 800-53; California State Administrative Manual.        
• Excellent communication, technical writing, and customer service skills        
• Critical thinking skills        
• MUST POSSESS CURRENT CISA AND CISSP CERTIFICATIONS     
 
PROFESSIONAL SKILLS:    
The Consultant resource(s) shall possess most of the following skills:        
• Strong analytical and critical thinking skills with the ability to analyze information and identify and formulate solutions to problems.        
• Provide more in-depth analysis with a high-level view of goals and end deliverables.        
• Remain proactive and complete work within a reasonable time frame under the supervision of a manager or team lead.        
• Plan and manage all aspects of the support function.        
• Extensive knowledge of and proven experience with Information Technology systems, and methods of developing, testing and moving solutions to implementation.        
• Strong knowledge in project management practices and ability to document processes and procedures as needed.        
• Work collaboratively with other support team members and independently on assigned tasks and deliverables with minimum supervision        
• Communicate effectively with users at all levels, from analyst up to senior management, verbally and in writing.        
• Self-motivated, working closely and actively communicating with team members to accomplish time critical tasks and deliverables        
• Ask questions and share information gained with other support team members, recording and documenting this knowledge        
• Elicit and gather user requirements and/or problem description information, and record this information accurately        
• Listen carefully and act upon user requirements        
• Convey and explain complex problems and solutions in an understandable language to both technical and non-technical persons        
• Present technical solutions to management and decision makers        
• Follow the lead of others on assigned projects as well as take the lead when deemed appropriate        
• Think creatively and critically, analyzing complex problems, weighing multiple solutions, and carefully selecting solutions appropriate to the business needs, project scope, and available resources        
• Take responsibility for the integrity of the solution        
• 5-15+ YEARS’ EXPERIENCE IN INFORMATION SECURITY, AUDIT, AND SECURITY/AUDIT COMPLIANCE.        
• CISSP REQUIRED.  OTHER HIGHLY DESIRABLE SECURITY CERTIFICATIONS MAY BE SUBSTITUTED FOR CISSP (FOR E.G., CISM, CISA, ETC.)        
• EXTENSIVE EXPERIENCING CONDUCTING ISO 27K GAP ASSESSMENT PREFERRED BUT NOT REQUIRED        
SHOULD HAVE EXTENSIVE EXPERIENCE IN LEADING IT SECURITY/COMPLIANCE/AUDIT PROJECTS.
 
 
Ramesh G
IT Recruiter
Direct # (510)-936-8653
48531 Warm Springs Blvd, Suite 405, Fremont, CA 94539
Email: Rameshg@caspex.com
Website: www.caspex.com