---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Sr. Security Analyst
Location: Parsippany, New Jersey, United States
Type: Permanent F/T
Closing Date: 2005-09-23
The role of the GiSEC Lead Security Analyst is to safeguard confidential
information assets stored or managed across the enterprise infrastructure.
The scope involves information technology security, and identification of key
enterprise security initiatives and standards.'
Specific initiatives include support of the GiSEC functional services (Privacy
& Confidentiality; CGSP; Security Operations Services; Education, Awareness &
Training; Consulting Services; Vendor Relationship Management; and IT
Compliance).
The GiSEC Lead Security Analyst will maintain excellent working relationships
with all key corporate stakeholders, the GiSEC Virtual Information Security
Team, business unit personnel, and other significant contacts within the
information security industry.
This individual will strive to meet objectives with agreed timeframes, budgets
or agreed service levels.
The individual will lead other staff members in the design and effect specific
initiatives, programs or projects to meet those management and business
objectives.
This includes assisting in establishing clearly defined and documented scope,
objectives, approach, plans, and resource requirements.
The Lead Security Analyst will provide initial approvals of the scope,
objective, approach, and resources and will mentor junior staff members.
The individual provides overall security program strategic direction to improve
the information security posture and assurance level of the enterprise.
Job Responsibilities
Be an advocate of information security and privacy programs across the
enterprise.
Develops and implements security standards, tactical processes and procedures,
and guidelines for multiple platforms and diverse systems environments (e.g.
corporate, distributed computer and client server systems) that are consistent
with GiSEC initiatives and weighs appropriate risk and value with cost that can
be leveraged across the enterprise.
Identifies regulatory changes that can affect information security policy,
standards, and procedures to recommend appropriate security program changes.
Recommends appropriate corrective actions for information security incident
response.
Maintains an awareness of existing and proposed security standards
organizations, State and Federal legislation and regulations pertaining to
information security.
Provides technical expertise and support to clients, IT management, and staff
during risk assessments and the implementation of appropriate information
security procedures and products.
Acts as a Project Manager for key initiatives and provides assistance and
training to peers.
Coordinates the development, testing and implementation of security review
plans, products and control techniques.
Provides leadership and strategy regarding the services provided to the
business units through the Security Technology Excellence Center (STEC).
Performs a leadership role in the overall security program structure and
design, security metrics reporting, and information security assurance
improvement processes
JOB REQUIREMENTS
---------------------------------------------------
Ability to work effectively in both an independent or team environment.
Ability to persuade, convince and influence others through collaboration.
Five to Eight years in a computer related field, with at least Five in
Information Security in an enterprise tactical and strategic setting.
Bachelor's Degree in Business, Management, or Computer Sciences, or equivalent
prior work experience in a related field.
Current CISSP or related security certification.
Experience in operations and/or management of operational staff.
Experience in leading strategic thinking and planning sessions.
High personal credibility and integrity.
Maintain a professional working relationship throughout all levels of the
enterprise.
Must have the ability to work and effectively prioritize in a highly dynamic
work environment.
Expert analytical skills (i.e., technical and non-technical problem solving
skills).
Must have the ability to communicate technical and security-related concepts to
a broad range of technical and non-technical staff, security vendors,
consultants and senior management.
Strong operational, tactical and strategic understanding of security products
and concepts such as firewalls, VPNs, IDSs and other security devices.
Experience in designing or implementing enterprise security architecture models
and frameworks.
Possesses strong interpersonal and project management skills.
Experience managing projects of one year or more duration, and staff of five or
more.
Tactical and strategic experience with enterprise security program development
or management.
Proven ability to lead and manage staff, mentor staff members, provides
direction and influences behavior.
Act responsibly and professionally as part of an enterprise team.
CONTACT
---------------------------------------------------
Please email your resume to: jobs@ibaseconsulting.com
jobs@ibaseconsulting.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
