---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Sr. Security Analyst
Location: Moncton, New Brunswick, Canada
Type: Permanent F/T
Closing Date: 2007-12-07
The Opportunity
The Manager of ALC's IT Security department is seeking a full time IT Security
Analyst. As part of the security operations monitoring team, this position
will perform the processes and functions necessary to ensure that all breaches
of, attempted breaches of, or mistakes that could potentially lead to a breach
of ALC's IT Security are identified and reported.
Core Responsibilities
Responsible for network and host monitoring, traffic analysis, and intrusion
detection. This person will be considered highly competent in the analytical
aspects of the position.
Executes the key processes/functions that support delivery of the department's
threat and vulnerability monitoring services.
Produces cohesive technical intelligence reports.
Executes the security review function, within Change Management, to ensure
changes are not introducing unacceptable risks to ALC.
Service requests made for IT Security consulting, which will include such
things as support to forensic investigations and ad-hoc requests for IT
Security services.
Locates and repairs security problems and failures.
Defines security configuration and operational standards for security systems
and applications, including vulnerability assessment tools, network security
appliances, host-based security systems, and the configuration audit and
control system.
Participates in security investigations and compliance reviews as requested by
internal or external auditors.
Assists with the resolution of negative audit findings reported by ALC's
internal or external auditors.
Assists the senior security administrator and IT staff in the resolution of
reported security incidents.
Assists and trains junior team members in the use of security tools, the
preparation of security reports and the resolution of security issues.
Researches and assesses new threats and security alerts and recommends remedial
action.
Provides user account audits for review by resource owners
Performs normal and exception processing of user access and change requests,
escalating such requests when appropriate.
Reports unresolved network security exposures, misuse of resources or
noncompliance situations to management.
May represent the IT security team on projects and other formal workgroups and
committees.
Key Assets and Competencies
JOB REQUIREMENTS
---------------------------------------------------
Educational Qualifications
University degree in Computer Information Systems, Computer Science or
equivalent experience required.
5 years of IT or network security experience.
One or more technical security certifications such as the SANS Institute's GSEC
or GCIA.
Technical Competency
In-depth knowledge, skill, and ability to configure and monitor intrusion
detection systems, and to read, interpret, and analyze network traffic and
related log files.
Knowledge of network infrastructure, including routers, switches, firewalls and
associated network protocols and concepts.
Detailed understanding of TCP/IP.
Technical proficiency with security-related systems and applications,
especially network security appliances, intrusion detection, configuration
audit and control, patch distribution, vulnerability assessment scanners, web
and email filtering, end-point compliance and security information and event
management (SIEM) tools.
Excellent technical knowledge of mainstream operating systems (for example,
Microsoft Windows and RedHat Linux).
Experience working in process oriented IT environments and knowledge of the IT
infrastructure library (ITIL) framework.
Experience documenting security processes, standards and guidelines.
Knowledge of security control guidelines such as COBIT or ISO17799.
Proven ability and willingness to learn and keep current within the industry.
Completion of one or more security certifications would be an asset.
Occupational Personality
Strong analytical skills
Strong problem-solving skills to enable effective security incident and problem
resolution
Proven ability to work under stress in emergencies, with the flexibility to
handle multiple high-pressure situations simultaneously
Ability to work well under minimal supervision
Strong written and verbal communication skills
Strong interpersonal skills
Consideration will be given to an equivalent combination of education, training
and/or experience.
CONTACT
---------------------------------------------------
To explore this opportunity please send your resume to resume (at) alc (dot) ca
on or before December 7, 2007.
Please save both items in one Microsoft Word document.
Name the document as "lastname_firstname.doc". For example, Smith_Jane.doc
Indicate competition #03-0834-CB in the subject line of your e-mail.
For more information about ALC please visit our website at www.alc.ca.
Atlantic Lottery Corporation
Manager IT Security
resume@alc.ca
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
