*Please send me your profiles to m...@itssonline.com* *Job Title: Vulnerability Analyst II*
*Department: Information Technology * *Department Summary:* The Information Technology Department delivers superior customer experiences through the development and support of front and back office systems while focusing on IT’s four core values: Partnership, Excellence, Innovation and Efficiency. The IT Security Team* *is responsible for the implementation of controls and delivery of services ensuring appropriate logical and physical protection of information and other assets enterprise wide. * * *Job Summary:* The IT Security Vulnerability Analyst is responsible for monitoring numerous available sources of information regarding vulnerabilities to systems utilized by client, performing a risk-based needs analysis on vulnerability mitigation, and championing implementation of necessary mitigation. The Analyst will also perform periodic and new system vulnerability scanning. Strict records will be maintained by the Analyst of risk decisions made and mitigated steps taken, including any required governance reporting. The analyst will provide support in the form of threat and vulnerability analysis of our infrastructure, and will verify adherence to Security policy and known security guidelines such as Sarbannes-Oxley, PCI (Payment Card Industry standards), ISO 27000 series standards, and regulatory and compliance sources such as ING Home Office and the U.S. Office of Thrift Supervision *Essential Functions:* - Ensure the integrity and availability of systems and applications through effective management of computer resources specific to the security infrastructure. - Ensure computer systems exceed security and service level targets through the use of reliable products, penetration and security assessment testing, and sound practices. - Determine the risk-based need for deployment of mitigation tools - Monitor regulatory and advisory sites and vendor reporting sources to identify available vulnerability mitigation tools and current patch level releases that are appropriate to our environment. - Champion deployment of recommended updates and maintenance fixes, working with responsible IT Teams and reporting status as appropriate. Maintain records of risks and mitigation controls for vulnerabilities across all platforms. - Ensure that the computing environment is kept current with service and software update releases, and evaluate security assessment tools for selection and integration into the environment. - Provide technical support and awareness programs for security issues related to systems and applications within our infrastructure - Provide efficient, high quality technical support services to ensure timely response to queries, resolution of problems, and reporting/escalation of issues related to the systems. - Assist in the recommendation and design of system architectures, platforms and specifications in order to meet current security standards and future business needs. - Perform system vulnerability scanning and assessment of new systems in conjunction with Security Officer review and approval of Change Control Requests - Communicate planning and development, documentation, and status to management. - Work with the rest of the IT Security Team to ensure the physical and logical stability, reliability, confidentiality, and integrity of systems is in accordance with established standards, policies, procedures and guidelines, taking appropriate actions for all violations. - Participating in other IT Security initiatives as needed.** * * *Experience & Qualifications:* - 3 – 5 years related work experience, preferably in financial services or other regulated and secure industry. ** - 2+ years experience with Information Technology, with specific experience regarding operating system patching, vulnerability scanning, and/or intrusion detection systems.** - Effective knowledge of information security theory and practices** - Strong technical knowledge of relevant security tools and processes** - Excellent communication skills, both written and verbal** - Ability to be adaptable and flexible while responding to deadlines on assignments and workflow fluctuations.** - Ability to work with concepts and work independently.** - Excellent problem diagnosis, analytical, and communication skills.** - Ability to balance several conflicting demands to achieve optimum services performance with minimum disruption to business operations.** - Sound experience in devising ways to extract data from many sources and translating this data into useful information** * * *Education and/or Certifications:* - A post secondary education is a plus** - CISSP or equivalent certification a plus** * * *Technical skills and abilities:* - Strong knowledge and experience required in the areas of security assessment and vulnerability scanning, risk based threat analysis, and security mitigation techniques - Technical knowledge of desktop and server hardware and software architectures and operating systems including Windows and Vista, UNIX, and Mac - Technical knowledge and familiarity with common business and financial software applications and functionality - In depth knowledge of current LAN/WAN network technologies, architectures, principles, operations, and protocols - Knowledge of current security vulnerabilities and any resultant impact to the Bank of such - Exceptional interpersonal and customer service skills and the ability to ascertain and disseminate information quickly through a variety of channels - IT monitoring and reporting technology knowledge a strong plus Thanks & Regards Matt I.T. Recruiter. Direct: 954-362-9905 Fax: 954-212-2818 Email: m...@itssonline.com www.itssonline.com I.T. Software Solutions, Inc. 3801,N.University Dr. Suite 312 Sunrise, FL 33351 Certified ( MBE ) Minority Business Enterprise ( SBE ) South Florida Water Management District ( CDBE ) Community Disadvantaged Business Enterprise( DBE ) Disadvantaged Business Enterprises Disclaimer: Under #1618 Title III passed by the 105th U.S. Congress this mail cannot be considered Spam as long as we include contact information and a method to be removed from our mailing list. To be removed from our mailing list please reply to m...@itssonline.com, with the word “REMOVE”. -- You received this message because you are subscribed to the Google Groups "Open Source Erp & Crm" group. To post to this group, send email to open-source-erp-...@googlegroups.com. To unsubscribe from this group, send email to open-source-erp-crm+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/open-source-erp-crm?hl=en.