Position: Senior Security Analyst
Location – Pleasanton, CA
Duration – 6 months +
The tasks for the Security Consultant include, but are not limited to, the following:
1. Act as a Lead Consultant/Subject Matter Expert/domain champion
2. Work on development of Information Security Plan (ISP) and performing gap analyses
3. Assist in updating/developing ISP, policies, training materials, website, procedures, controls, etc.
4. Assist with audit remediation validation for compliance to security policies/standards
5. Assist in the evaluation of security risk assessments and gap analysis
6. Knowledge transfer to and training of State Fund employees
7. Assist in updating/developing policies, training materials, website, procedures, controls, etc.
8. Assist in creating policy compliance procedures including compliance measurement reports/dashboard
9. Assist with audit remediation validation for compliance to security policies/standards
10. Assist with the implementation of the various security tools
11. Knowledge transfer to and training of State Fund employees
12. Attend meetings/Represent Enterprise Security as a Senior Lead for all security matters
13. Act as Lead/Co-Lead/Backup on assigned Enterprise Security projects
14. Knowledge transfer to and training of State Fund employees
TECHNICAL KNOWLEDGE AND SKILLS:
• Hardware: network switches, routers, load balancers, servers, storage systems
• Operating Systems: UNIX, Linux, Windows
• Network: LAN, WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ
• Network Protocols such as TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, NFS, Samba, etc.
• Active Directory
• Vulnerability Assessments
• Secure Software Development Lifecycle
• Penetration Testing
• Mainframe DB2
• Oracle databases
• Best Practices Standards: ISO 27001/27002; PCI DSS v3; GLBA; HIPAA/HITECH; NIST 800-53; California State Administrative Manual.
• Excellent communication, technical writing, and customer service skills
• Critical thinking skills
• MUST POSSESS CURRENT CISA AND CISSP CERTIFICATIONS
The Consultant resource(s) shall possess most of the following skills:
• Strong analytical and critical thinking skills with the ability to analyze information and identify and formulate solutions to problems.
• Provide more in-depth analysis with a high-level view of goals and end deliverables.
• Remain proactive and complete work within a reasonable time frame under the supervision of a manager or team lead.
• Plan and manage all aspects of the support function.
• Extensive knowledge of and proven experience with Information Technology systems, and methods of developing, testing and moving solutions to implementation.
• Strong knowledge in project management practices and ability to document processes and procedures as needed.
• Work collaboratively with other support team members and independently on assigned tasks and deliverables with minimum supervision
• Communicate effectively with users at all levels, from analyst up to senior management, verbally and in writing.
• Self-motivated, working closely and actively communicating with team members to accomplish time critical tasks and deliverables
• Ask questions and share information gained with other support team members, recording and documenting this knowledge
• Elicit and gather user requirements and/or problem description information, and record this information accurately
• Listen carefully and act upon user requirements
• Convey and explain complex problems and solutions in an understandable language to both technical and non-technical persons
• Present technical solutions to management and decision makers
• Follow the lead of others on assigned projects as well as take the lead when deemed appropriate
• Think creatively and critically, analyzing complex problems, weighing multiple solutions, and carefully selecting solutions appropriate to the business needs, project scope, and available resources
• Take responsibility for the integrity of the solution
• 5-15+ YEARS’ EXPERIENCE IN INFORMATION SECURITY, AUDIT, AND SECURITY/AUDIT COMPLIANCE.
• CISSP REQUIRED. OTHER HIGHLY DESIRABLE SECURITY CERTIFICATIONS MAY BE SUBSTITUTED FOR CISSP (E.G., CISM, CISA, ETC.)
• EXTENSIVE EXPERIENCE CONDUCTING ISO 27K GAP ASSESSMENTS PREFERRED BUT NOT REQUIRED
• SHOULD HAVE EXTENSIVE EXPERIENCE IN LEADING IT SECURITY/COMPLIANCE/AUDIT PROJECTS.
Direct # (510)-936-8653
48531 Warm Springs Blvd, Suite 405, Fremont, CA 94539