Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Jobs
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[SJ-JOB] Compliance Officer, London

from [rob . snell] Network Security [Permanent Link]
Subject: [SJ-JOB] Compliance Officer, London
Date: 20 Oct 2005 21:37:21 -0000 
---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------


JOB DESCRIPTION
---------------------------------------------------
Position:       Compliance Officer
Location:       London, , United Kingdom
Type:           Permanent P/T

Closing Date:   2005-11-20

Information Security Compliance Officer.

The Information Security Compliance Officer  is responsible for assessing the 
firm&#146;s internal IT infrastructure, applications and services to ensure 
that they are compliant with  global Baseline Information Security Standard.

 responsible for conducting compliance audits of the firm&#146;s applications, 
after they have been subjected to a detailed security risk analysis, and for 
performing compliance testing of mission-critical web applications, in order to 
comply with privacy acts and HIPAA regulations.
  
The role necessitates an ability to communicate effectively and influence IT 
leadership, staff and other stakeholders, firm-wide, to implement security 
recommendations.  In addition to compliance audit functions, will engage with 
the business lines of service on a range of information security matters 
including security policies and standards and security awareness.

This role requires the ability to establish and develop effective, trusting 
relationships with internal customers, together with a proven knowledge of the 
methods necessary to assess information security within a large organisation.  
During the course of normal business  will be required to meet and communicate 
to staff and partners at the highest level within the firm, therefore, the 
utmost degree of personal presentation, integrity and professionalism are 
essential.
 
 
Responsibilities 
Conduct security audits of the firm&#146;s IT infrastructure, telephony, 
applications and services to evaluate compliance with the firm&#146;s IT 
security policies and standards. 
Report findings clearly, using ITSG&#146;s structured report format and 
communicate the results effectively to the relevant stakeholders. 
Perform monthly perimeter security scans and liaise with the regional  to 
present the findings to territory stakeholders. 
Develop and maintain good working relationships with stakeholders and promote 
and raise awareness about the IT Security group and its role and objectives to 
business and IT leadership. 
Respond effectively and efficiently to enquiries regarding general information 
security and information risk management issues where appropriate. 
Provide advice on the risk and security implications of technology projects 
within the context of any compliance undertaking, to ensure that systems of 
whatever nature are implemented with appropriate, approved security controls 
commensurate to the business risk. 
Provide reports to Compliance and Monitoring Global Team Leader,  



JOB REQUIREMENTS
---------------------------------------------------
Educational Requirements

A university graduate with a degree in computer science, telecommunications, 
networking, engineering or another computer-related field OR 
A minimum of 5 years&#146; experience in IT operations, technical or security 
administration backgrounds.
Skills and Experience

At least two years compliance audit experience of applications and 
infrastructure, including network, operating systems, telephony and physical 
security controls. 
A strong technical background in the area of network security controls, 
including firewall and router security configuration, and at least two years 
experience with operating system security for the any of the following 
platforms:  Mainframe, Windows NT/2000/2003, UNIX, Netware, Avaya, Middleware 
and Oracle/SQL databases. 
Conversant with the ISO 17799 information security standard. 
Knowledge of any the following audit tools :
WebInspect, IIS, CyberCop, Nessus, PhoneSweep, CIS Benchmark and/or 
Appdetective. 
Knowledge of application security packages within Oracle, SAP and/or PeopleSoft 
is desirable. 
Essential Certification Required:

CISSP  Certified Information Systems Security Professional, Information Systems 
Security Control Consortium (ISC2) 
Additional, desirable certification

BS7799 Lead Auditor 
CISA  (Certified Information Systems Auditor &#150; ISACA) 
MCSE  (Microsoft Certified Systems Engineer) 
MCP  (Microsoft Certified Professional) 
CCNA  (Cisco Certified Network Associate) 
CCNP  (Cisco Certified Network Professional)
 
 
The Individual 
Excellent written communication skills to provide detailed reports to our 
customers as well as verbally communication during meetings. 
Strong analytical skills in order to resolve complex security vulnerability and 
develop compensating controls. 
Strong personal discipline and effective time management. 
Excellent project management skills in order to manage multiple security 
assessments and changing priorities, simultaneously.  
Personal Circumstances 
This role might entail 50% travel. 
 
 



CONTACT
---------------------------------------------------


Tardis Group
rob snell
Consultant
rob.snell@tardis-group.com



---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.

http://www.securityfocus.com/jobs
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [SJ-JOB] Compliance Officer, London, rob . snell <=
Previous by Date:  [SJ-JOB] Technology Risk Consultant, London, rob . snell
Next by Date:  [SJ-JOB] Sales Engineer, Sunnyvale, ryan
Previous by Thread:  [SJ-JOB] Technology Risk Consultant, London, rob . snell
Next by Thread:  [SJ-JOB] Sales Engineer, Sunnyvale, ryan
Indexes:  [Date] [Thread] [Top] [All Lists]