---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Information Assurance Analyst
Location: London, , GB
Type: Permanent F/T
Closing Date: 02/28/2005
To ensure the integrity and reliability of corporate data and systems, through
the management and monitoring of infrastructure and software security. This
includes involvement in business and IT projects to ensure that appropriate
controls are built in from the earliest stages
Monitoring (approx. 25%)
Assist with the daily monitoring of Information Security to ensure that
existing systems and technology comply with the Information Security Policy.
(VMS, NT, Windows 2000/XP, AIX, Solaris & OS400)
Monitors the firewalls, host and network-based intrusion detection systems and
takes appropriate follow up action (ISS Real Secure, Fast Analysis and FireGen).
Carry out periodic review of all current user access with business managers
Monitors exceptional/emergency use of supervisor or highly privileged accounts
and data management tools.
Identifies security violations and escalates them to the Information Security
Manager.
Assists with monitoring for use of unlicensed software
Assists with bi-annual threat and vulnerability assessment and ‘Attack and
Penetration Testing’.
Assists with periodic Physical Security checks to monitor compliance with
Policy.
Projects (approx. 75%)
Information Security project work includes:
Managing small to medium sized information security issues and tasks, such as
Application Risk Analysis, Vendor Reviews, Firewall Reviews, etc.
Providing consultancy on business projects including implementation of new
technology, infrastructure and applications and
Initiating and managing information security projects – where a major new
security tool, architecture or solution is required.
It should be noted that this role does not require any formal project
management skills, as a separate dedicated IT team carryout this function.
However, the ability to work in a structured manner on a number of concurrent
projects and tasks is essential.
Overall
Responsible for escalation of security issues to the Information Security
Manager as and when necessary.
JOB REQUIREMENTS
---------------------------------------------------
A successful candidate must have:
At least 3-4 years experience in an Information Security or IT Audit role.
A good understanding of normal network infrastructure such as firewalls,
switches, routers, LANs, etc., particularly how to secure and control such
technologies.
Knowledge of intrusion detection and evasion techniques – ideally ISS Real
Secure/SiteProtector
Experience of formal document creation, such as the creation of policies and
standards, report writing or procedures.
Experience of carrying out risk reviews, technology audits or other similar
work.
Experience of securing one or more the following Operating Systems:
- VMS
- Solaris
- OS400
- Windows NT/2000/2003/XP
- AIX
Good knowledge of Access, Word and Excel.
Some or all of the following will be of advantage:
A professional qualification, relevant to Information Security (CISSP or CISM).
Knowledge of e-commerce technologies and security.
IP Telephony – especially CISCO products
Experience of delivering creating and delivering a security awareness programme.
Knowledge or practical experience of one or more of the following products:
- eTrust Access Control
- ISS Real Secure – SiteProtector
- Bindview
- RSA SecurID
- Auditor+
- SYSLOG/Event Reporter
- Pentasafe/Net IQ
- FireGen – PIX log Analysis
- CISCO Host IDS
CONTACT
---------------------------------------------------
Ref SF-69
Iain Sutherland
Managing Director
Information Security Solutions
iain@InformationSecuritySolutions.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
