---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Security Engineer
Location: Westboro, Massachusetts, United States
Type: Permanent F/T
Closing Date: 2005-07-15
"The EMC Information Security team is a dynamic and fast paced organization
that provides global support for all aspects of information security. The team
has evolved over the last year and offers existing team members and newcomers
alike the opportunity to define and expand their roles. The team is
continuously improving their capabilities by refining a broad range of
traditional security technologies, designing cutting-edge technical solutions,
and deploying additional policies and guidelines to meet the needs of a rapidly
expanding company and changing business models."
This position is part of the Office Information Security and Risk Management
group. Candidates should have relevant experience in IT security (min 5 - 7
yrs). This position will focus on security related processes and technology.
Candidate require experience in IT security techniques, design, processes,
standards, and audit.
JOB REQUIREMENTS
---------------------------------------------------
Critical Dimensions: There are 5 primary dimensions to this position.
-Knowledge of storage architectures and design, and related security risks and
concepts.
-Technical experience and working knowledge of security tools (NESSUS, Pen Test
tools) various client server and applications, networks (e.g. Cisco), firewalls
etc.
-Works with management to develop security standards, procedures, and
guidelines across multiple platform and application environments. Examples
Virus protection, application access.
-Monitoring/Security Process Performance Create and maintain self-audit
procedures and assessments.
-Must be an experienced project manager showing experience and ability to
manage multiple projects and resources of both process and technology content.
-Develop and implement comprehensive security audit plans and procedures to
assess compliance with applicable internal, NIST, OMB and other industry
published procedures, standards, guidelines and best practices.
-Internal/external systems and applications security testing, internal audits,
risk analysis, and risk mitigation.
-Development of required documents for certification and accreditation (System
Security Plan, POAM, FSA).
-Provide recommendations for risk mitigation, and manage mitigation efforts.
-Conduct COTS product and software security assessments and infrastructure
security reviews.
-Develop detailed risk assessments, security plans and risk mitigation plans to
identify, and mitigate risks.
-Assist in or facilitate the implementation of protective and mitigating
controls.
-Tracks resolution of findings and prepares reports for management
-Assist in the selection, configuration, and maintenance of security software
and utilities.
-Maintains an awareness of existing and proposed security standards, industry
best practices and State and Federal legislation and regulations pertaining to
information security and recommends appropriate changes.
-Performs operating system, security assessments, application vulnerability
assessments, and compliance auditing across multiple platform and application
environments.
-Works with management to develop information security standards, procedures
and guidelines across multiple platform and application environments.
-Works closely with IT and product development teams to design functional,
secure infrastructure and applications.
-Assists in developing and maintaining an ongoing product security awareness
and employee training program.
-Proactively keeps current on security issues related to business activities as
input to departmental policies & procedures
-Monitors compliance to information security policies and procedures for
multiple platforms and diverse systems environments.
-Proactively performs policy gap analysis, system vulnerability analysis, and
recommends corrective measures to ensure the integrity of the company's
security posture.
-Works with management as assigned to drive security projects to completion.
-Ensure that the project portfolio is kept current with changing business needs
and risks.
-Manage Information Security and Privacy risk assessments.
CONTACT
---------------------------------------------------
Email Resume
EMC
Donna Patton
HR Staffing
Patton_Donna@Emc.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
