Position: Sr. Security Analyst
Location: Pleasanton, CA
Duration: 6+ Months
Job ID: CR107
Job Description
The tasks for the Security Consultant include, but are not limited to, the following:
· Act as a Lead Consultant/Subject Matter Expert/domain champion
· Work on development of Information Security plan (ISP) and performing gap analyses
· Assist in updating/developing ISP, policies, training materials, website, procedures, controls, etc.
· Assist with audit remediation validation for compliance to security policies/standards
· Assist in the evaluation of security risk assessments and gap analysis
· Assist in updating/developing policies, training materials, website, procedures, controls, etc.
· Assist in creating policy compliance procedures including compliance measurement reports/dashboard
· Assist with audit remediation validation for compliance to security policies/standards
· Assist with the implementation of the various security tools
· Attend meetings/Represent Enterprise Security as a Senior Lead for all security matters
· Act as Lead/Co-Lead/Backup on assigned Enterprise Security projects
Technical knowledge and skills:
· Hardware: network switches, routers, load balancers, servers, storage systems
· Operating Systems: UNIX, Linux, Windows
· Network: LAN, WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ
· Network Protocols such as TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, NFS, Samba, etc
· Active Directory
· Vulnerability Assessments
· Secure Software Development Lifecycle
· Penetration Testing
· Security
· Mainframe DB2
· Oracle databases
· Best Practices Standards: ISO 27001/27002, PCI: DSS v3; GLBA; HIPPA/HITECH; NIST 800-53; California State Administrative Manual.
· Excellent communication, technical writing, and customer service skills
· Critical thinking skills
· Must Possess Current CISA and CISSP Certifications
Professional skills:
The Consultant resource(s) shall possess most of the following skills:
· Strong analytical and critical thinking skills with the ability to analyze information and identify and formulate solutions to problems.
· Provide more in-depth analysis with a high-level view of goals and end deliverables.
· Remain proactive and complete work within a reasonable time frame under the supervision of a manager or team lead.
· Plan and manage all aspects of the support function.
· Extensive knowledge of and proven experience with Information Technology systems, and methods of developing, testing and moving solutions to implementation.
· Strong knowledge in project management practices and ability to document processes and procedures as needed.
· Work collaboratively with other support team members and independently on assigned tasks and deliverables with minimum supervision
· Communicate effectively with users at all levels, from analyst up to senior management, verbally and in writing.
· Self-motivated, working closely and actively communicating with team members to accomplish time critical tasks and deliverables
· Ask questions and share information gained with other support team members, recording and documenting this knowledge
· Elicit and gather user requirements and/or problem description information, and record this information accurately
· Listen carefully and act upon user requirements
· Convey and explain complex problems and solutions in an understandable language to both technical and non-technical persons
· Present technical solutions to management and decision makers
· Follow the lead of others on assigned projects as well as take the lead when deemed appropriate
· Think creatively and critically, analyzing complex problems, weighing multiple solutions, and carefully selecting solutions appropriate to the business needs, project scope, and available resources
· Take responsibility for the integrity of the solution
· 5-15+ years’ experience in information security, audit, and security/audit compliance.
· CISSP required. Other highly desirable security certifications may be substituted for CISSP (for e.g., CISM, CISA, etc.)
· Extensive experiencing conducting ISO 27k gap assessment preferred but not required
· Should have extensive experience in leading it security/compliance/audit projects.
Satya
Caspex
48531 Warm Springs Blvd, Suite 405A, Fremont, CA 94539.
PH: 510-709-3806
Email: satyag@caspex.com
Web: www.caspex.com