(ROCKVILLE, Maryland) 8 months
Essential Job Functions: Strategy & Planning o Participate in the planning and design of enterprise security architecture, under the direction of the Assistant Vice President of Security, where appropriate. o Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the Assistant Vice President of Security, where appropriate. o Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. Work with and have relationships with vendors including: Qualys, Websense, Bluecoat, McAfee, Sourcefire, Cisco, Microsoft, Symantec, Foundstone, many MSSP's and niche security vendors. o Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security. Operational Management : o Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). o Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution. o Participate in investigations into problematic activity. o Participate in the design and execution of vulnerability assessments, penetration tests and security audits. Technology Leadership: o Knowledge of Data Loss Prevention tools in the DAR (Data at Rest) and DIM (Data in Motion) area; end point security for protecting USB ports, etc. o Knowledge and ability to develop security metrics Education/Experience Requirements: Experience: At least 10 years IT experience, with at least 5+ years information security experience Education: Bachelors degree in engineering or information systems. Masters preferred. Certifications: One or more of the following certifications: GIAC Information Security Fundamentals, CISSP, CISA, CISM, Platform: Experience with Windows 2003, Unix Solaris (9 and 10 is preferred). Databases: Experience with Oracle and MS SQL Server. Security Skills: Tools such as Vulnerability Scanner (Qualys, GFI Languard, Nessus, etc.), AD Security Tools like Hyena, etc. PII scanners, MS Tools, Log analysis tools. AV Tools such McAfee ePO, ISS IDS, SEIMs, etc. Extensive experience with securing networks, applications, servers, databases, etc. Experience with network and application vulnerability Experience with network and application vulnerability assessments Working technical knowledge of open source and commercial penetration testing tools Used coreimpact, nessus, saint, app detective and other Pen test tools at BearingPoint and DOL. Strong understanding of IP, TCP/IP, and other network administration protocols. Jameel Ahmed Accounts Manager Techgene Solutions LLC (A Minority Certified Company) Phone : 972-580-0247 Ext 221 Alt : 214-257-0837 Ext 33 Fax : 972-692-5824 Mail : <mailto:jam...@techgene.com> jam...@techgene.com URL : <http://www.techgene.com> www.techgene.com ---------------------------------------------------
