*Position : Security Analyst * *Location : NY*
* * *Type : Contract (6 months+)* * * *Start Date : Immediate* * * *Job Description:* · This position is part of a team that provides security services and information risk management support for our global offices. Specifically, this team acts as a control group to ensure that security operations procedures are performed and all risks are mitigated or remediated. · Responsibilities of this position include, but are not limited to: · Security Assessments– review applications, business processes and suppliers for adequacy of security controls · Vulnerability Management – review current environment for vulnerability exposure and emerging threats within the financial services sector. Participation in the Patch Management Program. · Suspicious Activity Monitoring – Monitor and investigate potential Information Security breaches · Disposition daily requests from the business that require security review as a member of the ISECA (Information Security Analyst) team • Project based work as necessary *TECHNICAL SKILLS:*** Function: Security Analyst The ideal candidate should have the following qualifications: • Bachelor of Science in Computer Science/Engineering · Three to five years of experience working as a security analyst performing: Security Assessments Application Security Assessments, Supplier Reviews, General Controls Assessments Incident Management Information Breaches, Safeguarding Issues (Data Related), Security Incidents (Technology Related) Vulnerability Management Vulnerability Identification & Analysis via research, interviews and vulnerability scanning tools, Insecure Configuration, Patch Management, Incident Response Suspicious Activity Monitoring Intrusion Detection/Prevention, Data Loss Prevention Security Service Delivery Review/Approval Firewall Policy Change, Proxy Management, Access Controls Analysis, Secure Data Transfer · Knowledge of generally accepted Information Security controls · Technical knowledge of Information Technology systems and the ability to analyze them for vulnerabilities: · TCP/IP (IP addressing and commonly used port assignments) Windows/UNIX/Linux Operating Systems Client Server applications Web based applications · Strong verbal and written communication skills · Knowledge of law and regulations surrounding public companies and the financial services sector is a plus · Information Security certification a plus: CISSP, CISM, SANS, etc. -- You received this message because you are subscribed to the Google Groups "KNOW.IT" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/know_it_az?hl=en.
