Hi Partner, Please reply to *[email protected] <[email protected]>*
We have a client here in downtown Albany NY, looking for an IT Security professional for a 6 month+ contract position. Please review and if you have any suitable candidates you can send them to me with rate information (best rate please, I do not have a rate range to give you). As the Security Assistant Manager, you will take direction from the Security Manager. Your role is to supervise Redesign security project staff ensuring that all security controls are defined, documented and implemented. You will work closely with the selected vendor, guide the technical support for operating system security for the new system and ensure that the Security Manager is aware of any emerging issues. Responsibilities * Guide the development, implementation, and maintenance of detailed technical designs and procedures for operating system security and required security roles in accordance with existing systems standards as well as any other applicable standards. * Guide the proactive monitoring, diagnosing, and correcting computer system security problems. (i.e., access permissions, password reset, login issues, etc.). * Assist in oversight of the selection, installation, and maintenance of computer security software. * Assist in oversight of the development of backup, recovery and contingency/disaster planning. * Assist in oversight of Selected Implementation Vendors for conversion planning, to ensure that the servers and operating system environment are designed, developed, installed and are performing in a manner adequate to meet the security needs of the Project. * Assist in the coordination of CIO staff to ensure they understand the full impact of system security enhancements, developing and monitoring SLAs (Service Level Agreements) where necessary to ensure that work is accomplished in a coordinated, well-planned manner and meets expectations. * Assist in oversight of all aspects of the new System, other organizations, and external entities, to ensure that security needs are addressed as implementation proceeds. * Assist in the development and implementation of the LOB user administration process including the creation, maintenance, role maintenance and the related policies, for all internal staff and external customer's usage of self-service web applications. * Assist in the development and implementation of the policies surrounding the business and IT processes proposed in the new System including, but not limited to: receiving and sending data to external partners, movement of data files, business reports, IT Change Management (application and system changes) throughout the system, user lifecycle management as well as the secure integration between component parts of the new System. * Ensure that all Security Policies and directives are upheld and maintained as the new system is developed * Collaborate and cooperate with related ISO and CIO security staff and keep them informed of key security activities * Assist in oversight of any third party vendor(s) who may perform Network Vulnerability Assessments. Manage the r review of any reports that are developed in this regard (including reports from the QA/IV&V Vendor) and ensure that any and all deficiencies are reviewed and appropriate follow-up action is taken. * Assist in the management of the certification and accreditation of the security of the new System, the program under which it is implemented and the resulting business environment in which it will continue to operate. * Assist in oversight of Selected Implementation Vendor's development of an information security program which includes, but is not limited to: * Periodic assessments of risk, including the magnitude of harm that could result from the unauthorized access, use, disclosure, disruption, modification, or destruction of information and information systems that support the operations and assets * Subordinate plans for providing adequate information security for networks, facilities, information systems, or groups of information systems, as appropriate * Security awareness training * Periodic testing and evaluation of the effectiveness of information security policies, procedures, practices, and security controls to be performed with a frequency depending on risk, but no less than annually * A process for planning, implementing, evaluating, and documenting remedial actions to address any deficiencies in the information security policies, procedures, and practices * Procedures for detecting, reporting, and responding to security incidents * Plans and procedures to ensure continuity of operations for information systems that support the operations and assets * Assist in data classification activities including the development, implementation and maintenance of data classification program in consultation with the division's business units Requirements * At least 9 years of IT security experience, at least 2 years of which must be supervising in an IT environment, (e.g. web, imaging, workflow, customer relationship management (CRM)). * Experience must include the following, which may be concurrent: o 2 years of experience working on advanced security features, such as encryption, and Internet and Web protection. o 2 years of experience establishing and maintaining an organization's security policy and plan o 2 years of experience building appropriate user profiles, roles, and privileges, etc., involving all aspects of user administration in support of secure internal and external controls. * Experience implementing PeopleSoft/Oracle security; * A bachelor's degree in Computer Science or a related field may be substituted for 4 years of the general experience. Preferred * Other certification recognized under Department of Defense Directive 8570.01 at IAT Level III or IAM Level II; * Current holder of Certified Information Systems Security Professional (CISSP) * Experience with PeopleSoft/Oracle role based user administration * Experience with Oracle Security Server; * Experience developing annual user security reviews and security audit plans; * Experience securing data, both at rest and in transit; * Experience controlling access to backend database objects (tables, views, rows, columns, etc.); * Experience monitoring system access via audit plan data; * Knowledge of retirement benefits administration business requirements and their fulfillment through specific IT capabilities and practices; * Excellent oral and written communication skills; * Excellent organizational skills * Demonstrated experience with the security components of any of the following software: * PeopleSoft Enterprise 9.1, including o Human Capital Management (HCM) o Customer Relationship Management (CRM) o Financials o Portal o Learning Management * Oracle Policy Administration (OPA) and Policy Modeling * Oracle Enterprise Data Quality * Oracle WebLogic Suite * Oracle SOA Suite * Oracle Business Process Management (BPM) Suite * Oracle Enterprise Governance, Risk, and Compliance Manager (GRC) * Phire Architect * Verisign MPKI for SS * Oracle Database 11g, including, o Advanced Security option o Database Vault o Audit Vault o Database Firewall Grid Control IAM Management Please send the updated resume of the consultant along with the rate, location and contact information. Please make sure the Consultant's skills match the requirement. After reviewing the resume I will contact you if I need more information. Thanks & Regards... *Anand Bandarupally* Direct: *703 879 3453* | Fax: 866 594 4637 StanSource Inc. 22375 Broderick Drive, Suite 135, Dulles, VA 20166 *[email protected]* | www.stansource.com .http://www.inc.com/inc5000/profile/stansource *[image: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: cid:[email protected]]* *Fastest-growing private companies of US : #445 | IT services : #49 | Washington DC: #*46 We respect your Online Privacy. If you like to receive only hot list please reply Hot-List in subject. If you like to receive only Requirements please reply Reqs in subject. If you like to receive Hot list and Requirement please reply Both in subject. IF you don't like to receive mails please reply REMVOE. We are sorry for the inconvenience. Please don't unsubscribe let us update our list for mutual benefit. -- You received this message because you are subscribed to the Google Groups "SAP ABAP" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/sap-abap. For more options, visit https://groups.google.com/d/optout.
