Location:: Matawan, NJ

Rates::$60/hr

Duration::3-6 months

Interview:: F2F

* IT Security & Compliance Analyst*


*Job Description: *





*Candidate Profile and Role:*

The IT Security & Compliance Analyst will report directly to the Global
Information Security Officer/Director.  The IT Security & Compliance
Analyst is responsible for the maintenance of information security
governance policies and procedures; monitoring compliance with company
 security policy; ensuring timely responses to client/customer RFP’s and
questionnaires; research and investigation of security alerts; providing
security awareness training and materials to employees; and assisting with
research and investigation of security incidents.


Responsibilities



·         Monitor and advise on information security issues related to
systems and workflow at company to ensure internal security controls are
appropriate and operating as intended across all platforms and teams.

·         Utilize SIEM technology to track, monitor, and report findings to
MGMT as needed.

·         Prepare responses, or assist with responses, to client RFPs and
information security assessments in conjunction with various teams within
the firm.

·         Coordinate and assist with remediation efforts resulting from our
external and internal vulnerability-scanning program.

·         Assist in maintenance, and training of company users on the
importance of privacy and security awareness.

·         Recommend updates to information security policies, as needed,
and assist in the maintenance of the information security policy library.

·         Assist in coordination of third-party annual application
vulnerability tests, SSAE16 SOC2/PCI/ISO 27000 series internal audits and
IT security assessment(s).

·         Participate in resolution of security incidents, and complete
after action reports to memorialize the findings.

·         Work closely with 3rd party service providers to ensure timely
delivery of products and services.

·         Assist with development and delivery of security awareness
training and materials.

·         Work with teams to assist and manage projects pertaining to the
Information Security Group.

·         Perform governance with multiple vendors within the information
security area, and infrastructure operations.

·         Work with application teams to assist in the remediation of
source code vulnerabilities utilizing HP Fortify 360.
  Requirements



·         Bachelor’s degree in computer science, engineering or equivalent
combination of education and work experience.

·         5+ years experience in information security

·         Experience in security policy development, application
vulnerability assessments and tools, compliance testing

·         Experience with SOC2, PCI, and ISO27000 series requirements and
validation processes

·         Strong background in security controls, application security,
network and system security, distributed  system recovery time objectives,
distributed systems administration, security auditing techniques  and/or
general computer controls

·         Must have strong analytical skills (i.e., technical and
non-technical problem solving skills)

·         Must have the ability to write effective memos, simple reports,
and documentation

·         Must have the ability to communicate technical and
security-related concepts to a broad range of  technical and non-technical
staff and management

·         Possess strong interpersonal and project management skills

·         High personal credibility and integrity

·         Certifications in one or more: CISSP, GIAC,CISM,CGEIT,CISA,CRISC

·         Working knowledge with the following solutions is helpful:

o    SolarWinds TriGeo Log Management SIEM tool

o    Nessus vulnerability scanning tool

o    HP Fortify 360

o    RSA-DLP technology

o    Mobil Device Management technologies





*Anubhav Sood*

*Sage Technologies Inc.*
 ------------------------------

*O: 732.767.0010 ext-501  M: 732-784-6489**   E: **[email protected]
<[email protected]>** Web: **www.sagetl.com* <http://www.pyramidci.com/>

Gtalk: <http://www.tresourceinc.com/> *anubhavtrg* | YIM: *anubhavtrg*

Linkedin:
*https://www.linkedin.com/profile/view?id=396375369&trk=nav_responsive_tab_profile*
<https://www.linkedin.com/profile/view?id=396375369&trk=nav_responsive_tab_profile>



*We nurture your talent *

-- 
-- 
To unsubscribe from this group, send email to 
[email protected]

For more options, visit this group at 
http://groups.google.com/group/CBE-Software-Engineer?hl=en
--- 
You received this message because you are subscribed to the Google Groups "CBE 
Software Engineer" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/d/optout.

Reply via email to