Hello, Title: *Data Security / Privacy Expert* Duration: 6 Months Location: Boulder, CO
*RESPONSIBILITIES:* Partner with Information Security and Risk leadership to develop strategies and plans to enforce security requirements and address identified risks. Develop a comprehensive understanding of company-specific data flow and business processes to enhance data protection capabilities Lead the research, evaluation, design, testing, recommendation and planning for the implementation of new or updated information security technologies. Establish collaborative working relationships with the businesses, functions and regions to ensure that information technology solutions align with security architecture and business strategy. Partner with Information Security Operations, Risk, Privacy, and IS Compliance management to define security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems. Enhance security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members. Play an advisory role in application development or acquisition projects to assess security requirements and controls and to ensure that security controls are implemented as planned. Recommend remediation activities and initiate actions to ensure that compliance and security gaps are successfully addressed. Evaluate and assess Cloud and other third-part security controls to ensure that company’s data and infrastructure are adequately protected. Provide second- and third-level support and analysis during and after security incidents. Assist the security administrators and IS staff in the resolution of reported security incidents. Research and assess new threats and security alerts and recommend remedial actions. Support the Information Security and Risk Team initiatives, including security governance, security requirements analysis, incident response, assessment facilitation & remediation, and development of Information Security & Risk Management policies, procedures, and standards that meet internal and external requirements (e.g. SOx, HIPAA, PCI-DSS, Data Privacy). Partner with Information Security and Risk leadership in fostering an information security culture in Global IS through education, skill development, and implementation of effective information security processes and practices. Interface with the Project Management teams to ensure security services are met in all phases of the project management framework. *PREFERRED QUALIFICATION :* *Professional certifications preferred (e.g. CISSP, CEH, CISA, CISM, etc.)* Significant exposure or understanding of the following concepts, practices, and technologies: Cyber Defense Frameworks Threat Modeling Incident Management Web Filtering Intrusion Prevention (IPS) Data Loss Prevention (DLP) Network Access Control (NAC) Security Incident & Event Management (SIEM) Systems Syslog Secure Network Design Standards Anti-Malware Solutions Vulnerability and Patch Management Data Capture Analysis Application And Vulnerability Assessment Tools Public Key Infrastructure (PKI) Encryption Identity And Access Control End-Point Protection Virtual Private Networks Virtualization and Containerization Next-Generation Firewalls Knowledge of security & risk frameworks, standards, and best practices (i.e. PCI, HIPAA, ISO, COBIT) Advanced experience with operating systems like Windows, Unix/Linux, BSD and iSeries. *Habeeb Rahman* 50, Cragwood Road | Suite#224 |South Plainfield | NJ-07080 Work: 908-822-8515 Ext: 22*|*Fax*:* 732-909-2191 hab...@mutexsystems.com | www.Mutexsystems.com <http://www.mutexsystems.com/> Mutex Systems is a Minority Business Enterprise certified by NMSDC NOTE: If this email message has reached you in error and if you do not wish to receive similar messages in future, please reply with "REMOVE" in the subject line. Our apologies for any inconvenience caused. Under Bill S.1618 Title III passed by the 105th U.S. Congress this e- mail cannot be considered spam since we have included the contact information. -- You received this message because you are subscribed to the Google Groups "OracleD2K" group. To unsubscribe from this group and stop receiving emails from it, send an email to oracled2k+unsubscr...@googlegroups.com. To post to this group, send email to oracled2k@googlegroups.com. Visit this group at http://groups.google.com/group/oracled2k. For more options, visit https://groups.google.com/d/optout.
