Location:: Matawan, NJ Rates::$60/hr
Duration::3-6 months Interview:: F2F * IT Security & Compliance Analyst* *Job Description: * *Candidate Profile and Role:* The IT Security & Compliance Analyst will report directly to the Global Information Security Officer/Director. The IT Security & Compliance Analyst is responsible for the maintenance of information security governance policies and procedures; monitoring compliance with company security policy; ensuring timely responses to client/customer RFP’s and questionnaires; research and investigation of security alerts; providing security awareness training and materials to employees; and assisting with research and investigation of security incidents. Responsibilities · Monitor and advise on information security issues related to systems and workflow at company to ensure internal security controls are appropriate and operating as intended across all platforms and teams. · Utilize SIEM technology to track, monitor, and report findings to MGMT as needed. · Prepare responses, or assist with responses, to client RFPs and information security assessments in conjunction with various teams within the firm. · Coordinate and assist with remediation efforts resulting from our external and internal vulnerability-scanning program. · Assist in maintenance, and training of company users on the importance of privacy and security awareness. · Recommend updates to information security policies, as needed, and assist in the maintenance of the information security policy library. · Assist in coordination of third-party annual application vulnerability tests, SSAE16 SOC2/PCI/ISO 27000 series internal audits and IT security assessment(s). · Participate in resolution of security incidents, and complete after action reports to memorialize the findings. · Work closely with 3rd party service providers to ensure timely delivery of products and services. · Assist with development and delivery of security awareness training and materials. · Work with teams to assist and manage projects pertaining to the Information Security Group. · Perform governance with multiple vendors within the information security area, and infrastructure operations. · Work with application teams to assist in the remediation of source code vulnerabilities utilizing HP Fortify 360. Requirements · Bachelor’s degree in computer science, engineering or equivalent combination of education and work experience. · 5+ years experience in information security · Experience in security policy development, application vulnerability assessments and tools, compliance testing · Experience with SOC2, PCI, and ISO27000 series requirements and validation processes · Strong background in security controls, application security, network and system security, distributed system recovery time objectives, distributed systems administration, security auditing techniques and/or general computer controls · Must have strong analytical skills (i.e., technical and non-technical problem solving skills) · Must have the ability to write effective memos, simple reports, and documentation · Must have the ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff and management · Possess strong interpersonal and project management skills · High personal credibility and integrity · Certifications in one or more: CISSP, GIAC,CISM,CGEIT,CISA,CRISC · Working knowledge with the following solutions is helpful: o SolarWinds TriGeo Log Management SIEM tool o Nessus vulnerability scanning tool o HP Fortify 360 o RSA-DLP technology o Mobil Device Management technologies *Anubhav Sood* *Sage Technologies Inc.* ------------------------------ *O: 732.767.0010 ext-501 M: 732-784-6489** E: **as...@sagetl.com <as...@sagetl.com>** Web: **www.sagetl.com* <http://www.pyramidci.com/> Gtalk: <http://www.tresourceinc.com/> *anubhavtrg* | YIM: *anubhavtrg* Linkedin: *https://www.linkedin.com/profile/view?id=396375369&trk=nav_responsive_tab_profile* <https://www.linkedin.com/profile/view?id=396375369&trk=nav_responsive_tab_profile> *We nurture your talent * -- You received this message because you are subscribed to the Google Groups "oraapps" group. To unsubscribe from this group and stop receiving emails from it, send an email to oraapps+unsubscr...@googlegroups.com. To post to this group, send email to oraapps@googlegroups.com. Visit this group at http://groups.google.com/group/oraapps. For more options, visit https://groups.google.com/d/optout.
