*Note: Please Share your consultant updated profile to hari.pra...@eaglenetworksolutions.com <hari.pra...@eaglenetworksolutions.com>*
Hi, Hope you are doing well, Please find the below requirement and if you are comfortable and interested please send your updated profile along with below details ASAP to move forward with submission process *Title: Sr. Information Security Analyst/Engineer* *Location: Reston, VA* *Duration: 6-12 Months Contract* *POSITION SUMMARY* The Senior Information Security Engineer is responsible for the planning, implementation and auditing of security policies, procedures, and operational activities which are intended to safeguard the integrity of and access to systems and electronic information for the protection against accidental or unauthorized modification, destruction or disclosure. The Senior Information Security Engineer identifies areas of support of information security policies and procedures. The candidate collaborates with the Information Security Office to develop and implement related information security policies and procedures. The Senior Information Security Engineer confers with management, developers, auditors, and other business unit personnel to identify and plan security for data, software applications, hardware, telecommunications, and computer installations and then works to ensure that plans are properly implemented and operated. This position has responsibility for the Security Operations Center (SOC) to detect actionable security events and to implement, sustain, administer and operate security tools and technologies. The Senior Information Security Engineer’s roles in the SOC is to plan and engineer security tools, execute assigned security operations functions, and operate and administer security tools directly or via 3rd party managed security services. This position will provide risk assessments and security briefings related to critical security issues and act under management approval to implement remediation and enhancement projects. The Engineer will closely support IT security awareness programs and advise resource owners on the formation of appropriate security policies in concert with Information Security Office personnel. *ESSENTIAL FUNCTIONS/RESPONSIBILITIES:* · Consult with IT staff to evaluate, select, install and configure hardware and software systems that provide appropriate security functions. · Review system, device, and application logs and event console activity to determine cause of security-related events or to identify potential security-related events. · Contribute to security incident response activities. Participate in investigations of suspected information security misuse or compliance. Develop and refine event detection, incident response and forensics technical capability and procedures. · Assist in responses to external audits, penetration tests and vulnerability assessments. Recommend the application of controls, fixes, patches, disaster recovery procedures. · Conduct penetration testing and vulnerability assessments with internal tools and coordination with external vendors. · Support network access services to include consulting on policy development and continual refinement of systems, processes and procedures to implement desired policies. · Perform firewall management, administration, and operational activities. · Manage anti-virus programs and administration. Develop thorough configuration, operations and other documentation in support of implementation and maintenance. · Operate and administer network and server technologies that monitor and enforce security policies and audit controls. · Assist with training and knowledge transfer to internal and external security operations and support activities and in documentation of security policies and maintenance of resource classification schemes. · Evaluate, implement and maintain security tools and appliances. Develop and maintain related documentation including architectural design, service definition, configuration standards, build documentation and roadmaps. Technologies include: o Multi-Factor Authentication o Secure Network Access Systems for Wired, Wireless and Remote o Vulnerability Assessment and Scanning Tools o Rogue Wireless Detection and Auditing Systems o Anti-Viral Program o Firewall Management Systems o Server Virtualization Security o SMTP and IM Gateways o Encryption Key Management o Configuration Change Detection o Data Loss Prevention (DLP) o Datacenter Network Tap Infrastructure *PRINCIPAL RELATIONSHIPS* *Internal Contacts:* Maintains regular communication with IT management and staff in relation to the security management processes and works with key IT stakeholders and business users for program implementation and information collection and dissemination. Maintains close contact with information "owners.” *External Contacts:* Has regular contact with software/hardware security vendors to keep current with new products. Works with managed services companies. Develops relationships with professional organizations to keep abreast of trends in information security. May work with partners, customers or other third party contractors on items related to information security. *MINIMUM QUALIFICATIONS* *Education/Experience:* · Degree in computer science, engineering, business or finance is preferred or equivalent experience. · 5-7 years’ experience in IT with a broad range of exposure to all aspects of business planning, systems analysis, and application development. · Five years’ experience in information security, including at least 4 years’ experience in the application and use of industry standard information security systems and methodologies specific to SEIM, IDS/IPS, VPN, firewall, data loss prevention, remote access and access control management. · Demonstrated knowledge of database technology, and related security technologies including access control, auditing tools and encryption. · Working knowledge of architectural frameworks and methodologies. · CISSP or CISA preferred. *Related Skills and Other Requirements:* · Demonstrated competency in strategic thinking with abilities in relationship management. · Passionate about Information Security. Very results oriented and highly self-motivated. · Strong deductive reasoning and critical thinking skills. · Curiosity about how things work, love of learning, embraces new ideas, thinks creatively. · Work well in small, dynamic teams with minimal direction. Ability to effectively participate in multiple projects and communicate on status and deadlines. · Excellent written and verbal communication skills. Experience briefing all levels of the organization on matters such as security incidents. · Knowledge of PCI and ISO 17799 and 27001 standards beneficial. · Experience with Software Development and QA lifecycles beneficial. *Thanks and Regards* *Hari Prasad* *Eagle Network Solutions INC* *E-Mail: hari.pra...@eaglenetworksolutions.com <hari.pra...@eaglenetworksolutions.com>* *www.eaglenetworksolutions.com <http://www.eaglenetworksolutions.com/>* -- You received this message because you are subscribed to the Google Groups "OracleD2K" group. To unsubscribe from this group and stop receiving emails from it, send an email to oracled2k+unsubscr...@googlegroups.com. To post to this group, send email to oracled2k@googlegroups.com. Visit this group at https://groups.google.com/group/oracled2k. For more options, visit https://groups.google.com/d/optout.