*Please submit resumes to go...@itlogix.com.*

*Position: Information security Consultant*

*Location:Minneapolis,MN.  *

*Duration: 8+ Months *

*Non-locals are fine.***

*Imp Notes: *

*Position requires 50-75% travel and may include international travel as

***Location in Minneapolis or Phoenix preferred, although position can be
located anywhere within the lower 48 states, this excludes Hawaii and


This position is for an *Information Security Analyst* on the Site Review
Team . *This Site Review Team (SRT) is responsible for assessing the
Information Security risks associated with the use of a 3**rd** party
vendors/suppliers. Analysts perform information security assessments
spanning physical security, environmental, policy, procedure to more
technical network and application testing.*

*Primary responsibilities are to*:

Review and understand *Information Security Policy and Procedure*; to
examine and understand the *I.T. Infrastructure* of business partners of
varying sizes; and to assess existing and *potential risk and determine if
it is consistent with the polices and directives of corporate information
security policies, industry best practices, and regulatory requirements*.

Effectively *lead and conduct information security reviews and assessments
of technical*, managerial, and operational functions, at various vendor
locations within the United States and other countries as needed. Conduct
multiple interviews with different levels of employees within an
organization. *Provide leadership to projects assigned. Exercises sound
judgment and influence senior business managers and peers*. Identify and
evaluate information security risks within a business partnership and
communicate findings to senior management.

*Develops and implements security standards, procedures, and guidelines for
multiple platforms and diverse systems environments*. Reviews the
development, testing, and implementation of security plans, products, and
control techniques. Investigates and recommends appropriate corrective
actions for data security incidents. Provides security consulting and
project management services on highly complex information security projects
and issues.

*Identifies security risks to the organization and ensures that appropriate
data security procedures and products are implemented*. Maintains an
awareness of bank security policies and *government regulations pertaining
to information security*. Identifies regulatory changes that will affect
information security policy, standards, and procedures and recommends
appropriate changes. *Leads and directs less experienced staff.*

*Minimum Qualifications: *

   - Excellent verbal and written communication skills and can effectively
   communicate with peers, customers, and various levels of management.
   - General business know-how; an understanding the financial industry and
   associated regulatory agencies.
   - Comprehensive understanding of *Information Security Standards and Best
   Practices; ISO 17799, BS 7799. Familiar with NIST or FFIEC Handbook. *
   - Understands how Information Security risks relates to business risks.
   - 5+ years of experience in *Information Security and/or the equivalent
   Audit experience related to information systems and operational functions.
   - Extensive experience with multi-tier web-based applications, network
   architecture, and DMZ designs.
   - Analytical skills; must demonstrate an ability to decipher technical
   documentation (network diagrams and application flow charts), assess
   potential risks, and communicate relevant information to senior management.
   - *Technical skills; knowledge of Windows, Unix, Linux, mid-range or
   Mainframe system admin skills; understand DMZ architecture and network
   protocols and routing. *
   - Working knowledge of information security tools: NMAP, ethereal, snort,
   Nessus, dig, etc
   - Knowledge of information security architecture principles and firewall
   design & architecture

*Preferred Skills: *

   - Bachelors degree in technology or business
   - *Information Security Certification (e.g. CISSP) or other related
   certificates *
   - *Audit experience and/or certifications *
   - *System vulnerability assessment and penetration testing experience is
   a plus *
   - *Understanding of Business Continuity or Disaster Recovery *
   - *Experience as a member of Computer Incident Response Team (CIRT) or
   Computer Response Team (CERT) *

Thanks & Regards,

IT Logix

You received this message because you are subscribed to the Google Groups 
To post to this group, send email to reqsresumes@googlegroups.com
To unsubscribe from this group, send email to 
For more options, visit this group at 

Reply via email to