---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Security Consultant
Location: New York, New York, United States
Type: Permanent F/T
Closing Date: 2007-10-14
POSITION: Senior Advisory Consultant – Security & Privacy Solutions /
Technology Risk
REPORTS TO: Technology Risk Manager
LOCATION: New York, NY
INFORMATION: www.protiviti.com
CONTACT: Kimberly.Barbieri@protiviti.com
Protiviti is the leading international provider of independent internal audit,
business and technology risk consulting services. Protiviti helps companies
identify, measure, and manage operational and technology-related risks they
face within their business, their systems and processes. We help our clients
seize new opportunities for growth and profitability while managing their
business and technology risks.
Independence means objective, unfettered advice delivered in the best interests
of our clients. We work with 22% of the Fortune 1000 companies in industries
such as financial services and real estate, media, hospitality and
communication, manufacturing, distribution and technology, consumer products
and retail, government, education and not-for-profit. In just over 5 years,
Protiviti has established itself as the leader in the marketplace, with over 50
offices in North America, Europe, Asia and Australia.
Information Technology Security Services
Protiviti’s Information Security Services practice helps companies to
identify, analyze, and mitigate technology risks, apply automated controls, and
standardize information security processes for the protection of high value
information assets. Protiviti’s deep expertise in Information Security
can help ensure the integrity, reliability and performance of these processes..
The following statements are intended to describe the general nature and level
of work being performed. This is not intended to be construed as an exhaustive
list of all responsibilities, duties and skills required of personnel.
JOB DESCRIPTION
OVERALL RESPONSIBILITY
The Senior Consultant has primary responsibility for direct supervision of
Consultants in developing and executing Information Security project work
plans. The Senior Consultant has direct, client-facing engagement
responsibilities. Serving as both role model and trainer, the Senior
Consultant demonstrates the attributes of excellent client service and assists
team members in developing technical and professional competency. The Senior
Consultant learns to identify areas of IT risk in the client environment and
opportunities to help them to improve information security, and business
processes.
SPECIFIC RESPONSIBILITIES
 Supervise and train project personnel;
 Review, document, evaluate and test Information Security (IS)
controls in a wide range of environments including Windows, Linux, Mainframe,
mid-range and client server. The Senior Consultant must be well versed in
various IS controls which address organizational structure and administration
practices, system development and maintenance procedures, system software and
hardware controls, security and access controls, computer operations,
environmental protection and detection, and backup and recovery procedures;
 Review information system architecture and security controls.
The Senior Consultant should be able to assess technical security controls and
related operational procedures. This includes, but is not limited to, firewall
and border router configurations, operating systems configurations, wireless
architectures, databases, specialized appliances and information security
policies and procedures;
 Responsible for the review of client Information Security
Policy and other documentation as a basis for identifying potential areas of
improvement and increased effectiveness with respect to client administrative
controls;
 Continually monitor the advancements and trends specific to
Information Security in order to best serve Protiviti’s client base.
Senior Consultants should be familiar with emerging developments in
technologies such as Identity Access Management, Patch Management, Encryption
Solutions, Firewall technologies, Host and Network based Intrusion
Detection/Prevention Systems and policy management solutions;
 Develop understanding of project requirements and client’s
business;
 Communicate IS control strengths and weaknesses to the client
or internal audit engagement team and assist in developing effective solutions;
 Ensure timely completion of established project milestones;
 Develop and maintain effective client relationships;
 Develop and apply proficiency with Protiviti policies
methodologies;
 Apply understanding of business processes and technical skills
to successful completion of projects;
 Prepare audit reports on findings and recommendations to senior
management;
 Assist with the administration of Project Setups, Billing,
Reconciling Job Summaries, Recruiting and New Business Development;
 Demonstrate consistency in values, principles and work ethics.
ABITLITY TO TRAVEL
 The position requires up to 40% out-of-town travel to client
locations.
EDUCATIONAL & PROFESSIONAL CREDENTIALS REQUIRED
 Bachelor’s degree in a relevant discipline (Computer
Information Systems, Information System Technologies, Management Information
Systems);
 Minimum GPA 3.0;
 3+ years in a related field, preferably in professional
services and/or industry;
EDUCATIONAL & PROFESSIONAL CREDENTIALS PREFERRED
 Professional Certification such as CISSP, CISM, GSEC, GIAC are
strongly preferred (required for advancement to Manager-level position);
 Consulting experience in Information Security.
JOB REQUIREMENTS
---------------------------------------------------
REQUIRED KNOWLEDGE & SKILLS
 Project Management Skills;
 Interpersonal skills to interact in team environment and foster
client relationships;
 Supervisory skills;
 Understanding of the importance of business ethics;
 Sound job administration skills;
 Above-average written communication skills including
documentation of findings and recommendations;
 Analytical skills;
 Ability to handle highly confidential information in a strictly
professional manner;
 Ability to maintain professional demeanor in times of high
stress.
REQUIRED TECHNICAL KNOWLEDGE & SKILLS
 A diverse skill base in both Information Systems and
Information Security;
 Knowledge of Industry Standards, e.g., ISO 17799/27001, NIST
Publications and other Industry Related Security Standards;
 Knowledge of Industry Regulations, e.g., Gramm-Leach-Bliley Act
(GLBA), Health Insurance Portability and Accountability Act of 1996 (HIPAA),
Payment Card Industry (PCI) or Corporate Compliance.
CONTINUING EDUCATION & OPPORTUNITIES
 All employees throughout their career with Protiviti have the
opportunity to be involved in our Training Programs, Mentoring Program and
Incentive Compensation Program.
CONTACT
---------------------------------------------------
Please sumbit all resumes to Kimberly.Barbieri@protiviti.com
Protiviti
Kimberly Barbieri
Recruiting Manager
kimberly.barbieri@protiviti.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
