*Send resumes to [email protected] <[email protected]>*
*Position: IT - Information Security Analyst * *Location: Springfield-MA or Windsor -CT* *Duration: 9 Months , Potential right to hire after 9 months* Legal status: *GC/USC only* Phone and in-person for locals and nearby consultants. Or nearby state consultants Telephonic & Skype Duration: 9 Months These are the must haves. *General security knowledge* is required. · *Enterprise design* · *Powershell expertise,* · *IIS.net engineering** experience (senior level preferred* *Qualifications* - *Knowledge/Skills* · *Enterprise design* · *Powershell expertise,* · *IIS.net engineering experience (senior level preferred)* · *Phase 1 - 150 hours of script develop/testing* · *Phase 2 – remediation as we run the scripts and find issues* · *Troubleshoot application or policy changes.* · *Partner with the Quality team to identify exceptions and document.* · *IIS expertise will be available to consult with the contractor (Jason, Bill, other) for onboarding and ongoing needs.* · Experience with designing and implementing secure networks · Experience with secure data communications and applications · Vulnerability/penetration testing remediation · Extensive knowledge of current and upcoming IT security technologies · Awareness of latest and common security threats · Excellent troubleshooting skills · Knowledge of virtualization technologies · Experience reviewing IT BRDs and FSDs from an Information Security perspective *Specific Responsibilities* · Develop standards for and ensure proper placement of assets on company networks to align with network segmentation standards. · Focus on technologies in the web application, Network, Firewall and Cloud environments · Create and maintain baseline configuration standards for all technical assets. · Establish requirements for remediation of legacy application limitations or exceptions to standards · Establish guidelines for timely retirement of non-conforming assets or applications · Take a lead role in conducting security research on threats and remediation techniques/ technology, make recommendations to the IS/IT teams and oversee their implementation. · Lead remediation activities stemming from security event analysis, vulnerability management and intrusion detection · Support MM’s operational information security responsibilities, including the development maintenance of standards, procedures, and baselines necessary to meet security requirements. · Assist in investigation of network/infrastructure/application security alerts from managed security service provider and in-house security tools. · Assist information risk managers (IRMs) & IT Controls function in conducting risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications and systems. · Provide security SME support to requests from Audit, Compliance, Legal and/or other control functions. . *Education & Experience* · BS or MS in Computer Science or a related field is required · * Certification* in *Information Security* (*CISSP, CISM, CHE *etc.) is preferred. · Minimum of 8 years of *progressive experience in Information Security *is required · Experience with *web server* and *application configuration and administration* · Previous/current experience in a *highly-regulated industry*, or in *banking or financial services*, is strongly preferred. · Solid technical writing experience is required. · Experience performing detailed *Risk Assessments* is strongly preferred. Regards Philip -- You received this message because you are subscribed to the Google Groups "oraapps" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/oraapps. For more options, visit https://groups.google.com/d/optout.
