Our client, a firm headquartered in Midtown Manhattan, is currently seeking a IT Security Engineer. The Security Engineer will responsible for protecting the firm?s information assets by developing and administering technical controls that protect threats to information security.
This individual will be responsible Network, Host, O/S, database and Applications security. Application-level security controls for both the application and the data network connections for potential exposures and implements appropriate controls and monitoring. Assesses the vulnerabilities and threats of each host and sets the direction for the technology platform managers to implement up-to-date, secure O/S and layered product, code.
Responsibilities
* Create, review and maintain all pertinent security documentation (e.g. policies, procedures, standards, security announcements) as it applies to the respective domains. Liaise with the Head Office IT Security functions to coordinate implementation of Group policies, standards and products.
* Perform security assessment and monitoring services.
* Perform comprehensive risk analysis including risk, threat and vulnerability assessment.
* Manage security projects as appropriate within their respective domains:
? Project planning
? Status reporting
? Technical, budgeting, and cost control of all security project activities
? Interpersonal skills in coordination of project activities to ensure deliverables amongst key members are met and timely
? Technical awareness of emerging technologies
? Backup CISO when unavailable. Set direction for the entire Security group to ensure timely delivery of services.
* Assess and recommend new security tools and technologies.
* Develop an understanding of the underlying business activities and objectives of each business unit to help contribute towards developing stronger security policies and controls while working to facilitate business objectives.
* Use their technical backgrounds and knowledge of business directions to contribute to the overall Security plan.
Application Security
* Security Application Infrastructure tasks to include:
- Application Security Manager
- Configuration & Risk assessment of apps
- Security application monitoring
- Application security policy creation & compliance
* Security Project Coordinator - Project Roster
* Security Awareness Training Coordinator
* Audit & Regulatory liaison
* Overseas Technical Liaison and HO App Liaison
Network Security
* Network & Infrastructure App Security tasks to include:
- Network Security Manager
- Risk Assessment & Security control of the firm?s Network and all Infrastructure applications
- Firewall Security design, audit & monitoring
- Network based Intrusion Detection architecture, probe placement, monitoring, reporting & system management
- Wireless Network Monitoring and reporting
* Security Incident response Lead
* Network & Infrastructure Application architect
* Setup and approve overall Network Security Encryption needs
Host-Based Security
* Security Host Infrastructure tasks to include:
- Host Security Manager
- Risk Assessment & configuration management of Host Infrastructure to include all server platforms
- Host Security monitoring
- Server Security policy creation & compliance monitoring
* Vulnerability Assessment Coordinator
* Wireless monitoring of rogue hosts
* Host encryption management
Required Skills:
? Minimum of five years strong, documented, security experience in a Windows NT & 2000 and Sun/HP-UX environment within a banking environment.
? Experience in current client/server OS environments - preferably XP and Advanced Server 2003.
? In-depth working knowledge with or administrating XP and/or Advanced Server 2003 is preferred.
? Must have working knowledge and understanding of TCP/IP or the 7 layer model from a security perspective.
? Firewall experience with Checkpoint experience highly desirable. At a minimum, Raptor and/or Cisco PIX firewall experience.
? Understanding of Network Intrusion Detection concepts is essential, working experience with Symantec's ESM and ITA security tools preferred.
? Attack and penetration experience in developing good security practices, along with knowledge of how to resolve security related issues from sc To Apply to this job go to http://www.GadBall.com or click here