The Information Security Analyst (Vulnerability Assessment) will work closely with the Information Technology (IT) department to help in the coordination effort to remediate security alerts and respond to information security related incidents that could potentially impact the network, systems and applications. This position will be responsible for performing the daily tasks associated with information security, incident response and handling, vulnerability handling and security event monitoring. The candidate will work closely with Fraud, Legal and/or Human Resources to facilitate general investigations. Assist in doing security risk assessments to assess the integrity of network connections, projects, applications or processes. The candidate will work to implement the Funds Information Security Policies & Standards
Design and implement a security event management program including IT/IS incidents to gather, store, correlate, analyze and respond to security data from logs & incident reports
Leading role in the Computer Security Incident Response Team (CSIRT) process
Perform forensic investigations of security incidents
Conduct application security reviews to ensure proper security controls are implemented
Perform monitoring/auditing activities (e.g. monitoring access logs and assigned privilege levels) and respond to security events as appropriate.
Execute vulnerability tests on networks, systems and applications when necessary.
Perform regular scans and security assessments of the infrastructure, notify/escalate with IT, and document findings in a complete comprehensive report that includes technical and non-technical findings and recommendations.
Mapping the security environment, and creating the procedures for security tests
Evaluate security infrastructure logs for anomalous and unknown behavior
Assist in security awareness training program
Work with relevant personnel to evaluate new security technologies.
Any other duties that maybe assigned to you from time to time.
Experience: CISSP certification is required
Bachelor’s degree from an accredited program is required.
A minimum of three (3) years experience in the areas of Information Security and Information Technology.
Knowledge of ISO 17799 and other leading security standards
Firewall & Systems configuration and event log monitoring experience required
Incident Response experience required
IDS, IPS, Log Correlation Systems configuration and monitoring experience
SANS and other InfoSec related certification a plus
Excellent troubleshooting and analytical thinking skills
Good written and oral communications skills
Excellent interpersonal and customer service skills
Self-directed, self-motivated, self-starter able to work with minimal supervision.
send resume to:
To Apply to this job go to http://www.GadBall.com or click here
Saturday, November 10, 2007