Sr. Security Analyst

Position: Sr. Security Analyst
Location: Pleasanton, CA
Duration: 6+ Months
Job ID: CR107
 
Job Description
The tasks for the Security Consultant include, but are not limited to, the following:
·         Act as a Lead Consultant/Subject Matter Expert/domain champion
·         Work on development of Information Security plan (ISP) and performing gap analyses
·         Assist in updating/developing ISP, policies, training materials, website, procedures, controls, etc.
·         Assist with audit remediation validation for compliance to security policies/standards
·         Assist in the evaluation of security risk assessments and gap analysis
·         Assist in updating/developing policies, training materials, website, procedures, controls, etc.
·         Assist in creating policy compliance procedures including compliance measurement reports/dashboard
·         Assist with audit remediation validation for compliance to security policies/standards
·         Assist with the implementation of the various security tools
·         Attend meetings/Represent Enterprise Security as a Senior Lead for all security matters
·         Act as Lead/Co-Lead/Backup on assigned Enterprise Security projects
 
Technical knowledge and skills:
·         Hardware: network switches, routers, load balancers, servers, storage systems
·         Operating Systems: UNIX, Linux, Windows
·         Network: LAN, WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ
·         Network Protocols such as TCP/IP, SNMP, SMTP, NTP, DNS, LDAP,  NFS, Samba, etc
·         Active Directory
·         Vulnerability Assessments
·         Secure Software Development Lifecycle
·         Penetration Testing
·         Security
·         Mainframe DB2
·         Oracle databases
·         Best Practices Standards: ISO 27001/27002, PCI: DSS v3; GLBA; HIPPA/HITECH; NIST 800-53; California State Administrative Manual.       
·         Excellent communication, technical writing, and customer service skills
·         Critical thinking skills
·         Must Possess Current CISA and CISSP Certifications
 
Professional skills: 
The Consultant resource(s) shall possess most of the following skills:
·         Strong analytical and critical thinking skills with the ability to analyze information and identify and formulate solutions to problems.
·         Provide more in-depth analysis with a high-level view of goals and end deliverables.
·         Remain proactive and complete work within a reasonable time frame under the supervision of a manager or team lead.
·         Plan and manage all aspects of the support function.
·         Extensive knowledge of and proven experience with Information Technology systems, and methods of developing, testing and moving solutions to implementation.
·         Strong knowledge in project management practices and ability to document processes and procedures as needed.
·         Work collaboratively with other support team members and independently on assigned tasks and deliverables with minimum supervision
·         Communicate effectively with users at all levels, from analyst up to senior management, verbally and in writing.
·         Self-motivated, working closely and actively communicating with team members to accomplish time critical tasks and deliverables
·         Ask questions and share information gained with other support team members, recording and documenting this knowledge
·         Elicit and gather user requirements and/or problem description information, and record this information accurately
·         Listen carefully and act upon user requirements
·         Convey and explain complex problems and solutions in an understandable language to both technical and non-technical persons
·         Present technical solutions to management and decision makers
·         Follow the lead of others on assigned projects as well as take the lead when deemed appropriate
·         Think creatively and critically, analyzing complex problems, weighing multiple solutions, and carefully selecting solutions appropriate to the business needs, project scope, and available resources
·         Take responsibility for the integrity of the solution
·         5-15+ years’ experience in information security, audit, and security/audit compliance.
·         CISSP required.  Other highly desirable security certifications may be substituted for CISSP (for e.g., CISM, CISA, etc.) 
·         Extensive experiencing conducting ISO 27k gap assessment preferred but not required 
·         Should have extensive experience in leading it security/compliance/audit projects.

Satya
Caspex
48531 Warm Springs Blvd, Suite 405A, Fremont, CA 94539.
PH: 510-709-3806
Email: satyag@caspex.com
Web: www.caspex.com