*Please send me your profiles to [email protected]*
*Job Title: Vulnerability Analyst II*
*Department: Information Technology *
*Department Summary:*
The Information Technology Department delivers superior customer experiences
through the development and support of front and back office systems while
focusing on IT’s four core values: Partnership, Excellence, Innovation and
Efficiency.
The IT Security Team* *is responsible for the implementation of controls and
delivery of services ensuring appropriate logical and physical protection of
information and other assets enterprise wide.
* *
*Job Summary:*
The IT Security Vulnerability Analyst is responsible for monitoring numerous
available sources of information regarding vulnerabilities to systems
utilized by client, performing a risk-based needs analysis on vulnerability
mitigation, and championing implementation of necessary mitigation. The
Analyst will also perform periodic and new system vulnerability scanning.
Strict records will be maintained by the Analyst of risk decisions made and
mitigated steps taken, including any required governance reporting.
The analyst will provide support in the form of threat and vulnerability
analysis of our infrastructure, and will verify adherence to Security policy
and known security guidelines such as Sarbannes-Oxley, PCI (Payment Card
Industry standards), ISO 27000 series standards, and regulatory and
compliance sources such as ING Home Office and the U.S. Office of Thrift
Supervision
*Essential Functions:*
- Ensure the integrity and availability of systems and applications
through effective management of computer resources specific to the security
infrastructure.
- Ensure computer systems exceed security and service level targets
through the use of reliable products, penetration and security assessment
testing, and sound practices.
- Determine the risk-based need for deployment of mitigation tools
- Monitor regulatory and advisory sites and vendor reporting sources to
identify available vulnerability mitigation tools and current patch level
releases that are appropriate to our environment.
- Champion deployment of recommended updates and maintenance fixes,
working with responsible IT Teams and reporting status as appropriate.
Maintain records of risks and mitigation controls for vulnerabilities
across all platforms.
- Ensure that the computing environment is kept current with service and
software update releases, and evaluate security assessment tools for
selection and integration into the environment.
- Provide technical support and awareness programs for security issues
related to systems and applications within our infrastructure
- Provide efficient, high quality technical support services to ensure
timely response to queries, resolution of problems, and reporting/escalation
of issues related to the systems.
- Assist in the recommendation and design of system architectures,
platforms and specifications in order to meet current security standards and
future business needs.
- Perform system vulnerability scanning and assessment of new systems in
conjunction with Security Officer review and approval of Change Control
Requests
- Communicate planning and development, documentation, and status to
management.
- Work with the rest of the IT Security Team to ensure the physical and
logical stability, reliability, confidentiality, and integrity of systems is
in accordance with established standards, policies, procedures and
guidelines, taking appropriate actions for all violations.
- Participating in other IT Security initiatives as needed.**
* *
*Experience & Qualifications:*
- 3 – 5 years related work experience, preferably in financial services
or other regulated and secure industry. **
- 2+ years experience with Information Technology, with specific
experience regarding operating system patching, vulnerability scanning,
and/or intrusion detection systems.**
- Effective knowledge of information security theory and practices**
- Strong technical knowledge of relevant security tools and processes**
- Excellent communication skills, both written and verbal**
- Ability to be adaptable and flexible while responding to deadlines on
assignments and workflow fluctuations.**
- Ability to work with concepts and work independently.**
- Excellent problem diagnosis, analytical, and communication skills.**
- Ability to balance several conflicting demands to achieve optimum
services performance with minimum disruption to business operations.**
- Sound experience in devising ways to extract data from many sources and
translating this data into useful information**
* *
*Education and/or Certifications:*
- A post secondary education is a plus**
- CISSP or equivalent certification a plus**
* *
*Technical skills and abilities:*
- Strong knowledge and experience required in the areas of security
assessment and vulnerability scanning, risk based threat analysis, and
security mitigation techniques
- Technical knowledge of desktop and server hardware and software
architectures and operating systems including Windows and Vista, UNIX, and
Mac
- Technical knowledge and familiarity with common business and financial
software applications and functionality
- In depth knowledge of current LAN/WAN network technologies,
architectures, principles, operations, and protocols
- Knowledge of current security vulnerabilities and any resultant impact
to the Bank of such
- Exceptional interpersonal and customer service skills and the ability
to ascertain and disseminate information quickly through a variety of
channels
- IT monitoring and reporting technology knowledge a strong plus
Thanks & Regards
Matt
I.T. Recruiter.
Direct: 954-362-9905
Fax: 954-212-2818
Email: [email protected]
www.itssonline.com
I.T. Software Solutions, Inc. 3801,N.University Dr. Suite 312 Sunrise, FL
33351
Certified ( MBE ) Minority Business Enterprise ( SBE ) South Florida Water
Management District ( CDBE ) Community Disadvantaged Business Enterprise(
DBE ) Disadvantaged Business Enterprises
Disclaimer: Under #1618 Title III passed by the 105th U.S. Congress this
mail cannot be considered Spam as long as we include contact information and
a method to be removed from our mailing list. To be removed from our mailing
list please reply to [email protected], with the word “REMOVE”.
--
You received this message because you are subscribed to the Google Groups "Open
Source Erp & Crm" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/open-source-erp-crm?hl=en.
