---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Security System Administrator
Location: McLean, Virginia, United States
Type: Permanent F/T
Closing Date: 2007-11-25
Senior Information Security Specialist
Maintain a continuous process improvement work environment, recommending and
implementing new/improved processes in accordance with industry standards and
best practices. Assist in identifying, evaluating, testing and implementing
appropriate security products, tools and systems for implementation of the
secure infrastructure. Assist in creating and enforcing security standards and
procedures. Articulate security policies, guidelines and standards to customers
and developers in order to provide control and consistency throughout Freddie
Mac. Provided and revoke access to data and network entities. Analyze and
provide technical support and problem resolution to customers. Assist in
training new staff in security procedures. Performs all procedures necessary to
protect the safety of the information systems from intentional or inadvertent
destruction. Provide security consulting and advisory service to business units
and project teams. Assists in identify and resolve information
security issues. Works with staff within a business unit to execute short and
long term business plans and objectives. Builds, develops, and maintains
relationships with internal and external customers, and vendors to formulate
solutions to Freddie Mac and customer system issues related to information
security. Researches and maintains currency regarding information security
issues, solutions and potential implications for Freddie Mac. Assists in
preparing written proposals and presenations. Supports design efforts of
critical projects and implements newly developed or revised systems or
initiatives.Serves as an effective role model (open to change, lives the
vision, enthusiastic) for the company and department.
Perform IT security risk assessments and contribute toward better risk
management of the company?s information systems. The understanding of IT
information risks as it relates to the business, viewing security holistically,
applying risk management intelligently, using creative problem solving
techniques and working successfully with others are key requirements for this
position.
Responsibilities:
Perform IT Risk Assessments of Applications, systems and networks.
Threat and vulnerability assessment and Analysis of complex technical
information (e.g. design and architecture documents) to ascertain areas of risk
exposure.
Recommend remediation strategies and actions for mitigating risk.
Work with internal teams to achieve risk management objectives.
Publish reports, track remediation, and maintain metrics.
JOB REQUIREMENTS
---------------------------------------------------
Job requires a Bachelor degree in Information systems or related field or an
equivalent combination of education and experience from which comparable
knowledge and skills may be obtained and more than three years of direct,
hands-on computer security experience. Position also requires experience
developing and implementing processes, both manual and automated, demonstrated
good communication skills, demonstrated good organizational skills with respect
to time management and work production, and CISSP or other industry recognized
security certification or demonstrated progress in obtaining
certification.Required Skills:
Good grasp of information security fundamentals, risk management concepts, and
strategy.
Experience in Risk assessment and risk analysis.
Understanding information security holistically and its value to the business.
Knowledgeable in security architectures.
Good understanding of security frameworks and standards (e.g. ISO 17799, NIST
800-53, Cobit).
Vulnerability Assessments
Security Architecture Reviews
Web Application Security Reviews
Familiar with security scanning tools.
Implementation of security tools and products
Understanding the use and application of security controls.
IT audit (SOX, ITGC) experience is a plus
Solid written and verbal communications skills.
Experience and Education:
Bachelor's degree in Computer Science or related field
5+ years experience in IT Security/Security Risk Management function.
Professional Certification such as CISSP, CISM, GIAC, CISA are strongly
preferred.
Please Note: Candidates submitting an employment application for high risk
jobs, whether internal or external, must sign a Disclosure Statement consenting
to a credit and criminal background investigation or the applicant will not be
eligible for an employment offer.
CONTACT
---------------------------------------------------
Please apply at the following link:
http://ww3.freddiemac.com/ds3/hr/jobpost.nsf/0/C71F98E1D9EBE43C8525737C00764D6D?OpenDocument
Freddie Mac
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
