---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Security Engineer
Location: Parsippany, New Jersey, US
Type: Permanent F/T
Closing Date: 06/23/2005
Primary Function:
The role of the GiSEC Lead Security Analyst is to safeguard confidential
information assets stored or managed across our client’s enterprise
infrastructure. The scope involves information technology security, and
identification of key enterprise security initiatives and standards. Specific
initiatives include support of the GiSEC functional services (Privacy &
Confidentiality CGSP Security Operations Services Education, Awareness &
Training Consulting Services Vendor Relationship Management and IT
Compliance). The GiSEC Lead Security Analyst will maintain excellent working
relationships with all key corporate stakeholders, the GiSEC Virtual
Information Security Team, business unit personnel, and other significant
contacts within the information security industry. This individual will strive
to meet objectives with agreed timeframes, budgets or agreed service levels.
The individual will lead other staff members in the design and effect specific
initiatives, programs
or projects to meet those management and business objectives. This includes
assisting in establishing clearly defined and documented scope, objectives,
approach, plans, and resource requirements. The Lead Security Analyst will
provide initial approvals of the scope, objective, approach, and resources and
will mentor junior staff members. The individual provides overall security
program strategic direction to improve the information security posture and
assurance level of the enterprise.
Essential Duties and Responsibilities:
§ Be an advocate of information security and privacy programs across our
client’s enterprise.
§ Develops and implements security standards, tactical processes and
procedures, and guidelines for multiple platforms and diverse systems
environments (e.g. corporate, distributed computer and client server systems)
that are consistent with GiSEC initiatives and weighs appropriate risk and
value with cost that can be leveraged across our client’s enterprise.
§ Identifies regulatory changes that can affect information security
policy, standards, and procedures to recommend appropriate security program
changes.
§ Recommends appropriate corrective actions for information security
incident response.
§ Maintains an awareness of existing and proposed security standards
organizations, State and Federal legislation and regulations pertaining to
information security.
§ Provides technical expertise and support to clients, IT management, and
staff during risk assessments and the implementation of appropriate information
security procedures and products.
§ Acts as a Project Manager for key initiatives and provides assistance
and training to peers.
§ Coordinates the development, testing and implementation of security
review plans, products and control techniques.
§ Provides leadership and strategy regarding the services provided to our
client’s business units through the Security Technology Excellence Center
(STEC).
§ Performs a leadership role in the overall security program structure and
design, security metrics reporting, and information security assurance
improvement processes.
JOB REQUIREMENTS
---------------------------------------------------
Knowledge, Skills, and Abilities:
§ Ability to work effectively in both an independent or team environment.
§ Ability to persuade, convince and influence others through collaboration.
§ Five to Eight years in a computer related field, with at least Five in
Information Security in an enterprise tactical and strategic setting.
§ Bachelor’s Degree in Business, Management, or Computer Sciences, or
equivalent prior work experience in a related field.
§ Current CISSP or related security certification.
§ Experience in operations and/or management of operational staff.
§ Experience in leading strategic thinking and planning sessions.
§ High personal credibility and integrity.
§ Maintain a professional working relationship throughout all levels of
our client’s enterprise.
§ Must have the ability to work and effectively prioritize in a highly
dynamic work environment.
§ Expert analytical skills (i.e., technical and non-technical problem
solving skills).
§ Must have the ability to communicate technical and security-related
concepts to a broad range of technical and non-technical staff, security
vendors, consultants and senior management.
§ Strong operational, tactical and strategic understanding of security
products and concepts such as firewalls, VPNs, IDSs and other security devices.
§ Experience in designing or implementing enterprise security architecture
models and frameworks.
§ Possesses strong interpersonal and project management skills.
§ Experience managing projects of one year or more duration, and staff of
five or more.
§ Tactical and strategic experience with enterprise security program
development or management.
§ Proven ability to lead and manage staff, mentor staff members, provides
direction and influences behavior.
§ Act responsibly and professionally as part of an enterprise team.
CONTACT
---------------------------------------------------
Derek Haseltine
Sr. Technical Recruiter
PPS Information Systems Staffing
DHaseltine@ppsinfo.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
