*Information Security Analyst - Direct Client * *Immediate Interview and Start ASAP!!!*
*Please send resume to s...@cncconsulting.com <s...@cncconsulting.com> * Job Title: Information Security Analyst Location: Boca Raton, FL Duration: 12 Months Direct Client Position This role is responsible for day-to-day information security operational functions. These responsibilities include real time monitoring analysis and resolution of security events from multiple sources. This position is heavily focused on three aspects of threat and vulnerability management. The first is to manage and maintain the centralized log management, SIEM and FIM systems. The scope of the vulnerability management process includes: data, application, and infrastructure vulnerabilities and will be facilitated by a combination of manual processes and vulnerability management tools (listed below). The second aspect is to ensure that such vulnerabilities are prioritized and remediated by the appropriate operations team. This objective will require heavy cross-functional interaction to clearly communicate vulnerability risk posture with all operations and software development teams. The candidate will be required to create vulnerability management reports on a regular basis and present the information to multiple types of audiences. The final aspect of this role requires mid-level knowledge for monitoring security by analyzing IPS reports, firewall logs, vulnerability alert systems and operating systems, database, and application frameworks patch levels. Duties and Responsibilities: Support the Threat and Vulnerability Management Program Support of Incident Response Process, Risk Assessments Support of Payment Card Industry (PCI) compliance and other enterprise security initiatives Participate in team projects and assignments Responsible for reading and following Department’s Procedures and Policies Responsible for understanding and enforcing the Department’s Policies and Procedures Responsible for documenting solutions to Technology issues Perform other related duties as assigned Knowledge, Skills, and Abilities: The ideal candidate should possess the following: Skills and Experience Weighting A = Candidate must have these attributes B = Management strongly desires that the candidate have these attributes C = Management desires the candidate to have these attributes Skills Needed B – Working level knowledge of File Integrity Monitoring tools like Tripwire B – Working level knowledge using Log Management Tools similar to IBM QRadar B – Working level knowledge using Security Information and Event Management Tools like IBM QRadar B – Working level knowledge using Network Vulnerability Assessment tools like eEye Retina B – Working level knowledge using Application Vulnerability Assessment tools like BurpSuite or similar tool set. B – Working level knowledge using Database Vulnerability Assessment tools like AppDectective B – Working level knowledge of Windows and UNIX/Linux server operating systems C – Experience with penetration testing tools like MetaSploit B – Experience with process lifecycle of the creation, management and compliance of security policies, procedures, standards and guidelines B – Experience with the processes of identifying appropriate controls to comply with security policies and regulations A – Experience producing threat and compliance reports for a wide variety of audiences (technical and non-technical) A – Excellent communication and analytical skills A – Must work well with others as part of larger team and be able to collaborate on cross functional teams A – Must be available and willing to work extended and/or alternative hours as needed for issue resolutions, roll-outs, system upgrades, etc. A – Able to work independently toward goals set at a higher level Dimensions: A – 3 years of Information Security experience or related field B – 2 years of experience in the areas of compliance, auditing, risk assessment, and vulnerability mitigation and remediation. B - Knowledge of security best practices (e.g., NIST series); Industry security standards (e.g., PCI-DSS or HIPPA) A – Bachelor’s degree in Computer Science / Computer Information Systems or related field or equivalent experience. B – CISSP certification or in the process of attaining *Please send resume to s...@cncconsulting.com <s...@cncconsulting.com> * Thanks, Sam CNC Consulting, Inc. 201-546-3096 s...@cncconsulting.com -- You received this message because you are subscribed to the Google Groups "SAP or Oracle Financials" group. To unsubscribe from this group and stop receiving emails from it, send an email to sap-or-oracle-financials+unsubscr...@googlegroups.com. To post to this group, send email to sap-or-oracle-financials@googlegroups.com. Visit this group at http://groups.google.com/group/sap-or-oracle-financials. For more options, visit https://groups.google.com/groups/opt_out.