| Duties & Responsibilites : | local candidates strongly preferred:
- Position will be working with Information Security staff, with focus on networking and vulnerabilty management.
- The scope of work is to provide a full-range of information security functions and skills with a detailed understanding of networking and vulnerability management.
- Vulnerability scanning and analysis of outputs; work with Information Technology Division to securely remediate issue based on risk and prioritization
- Monitor Intrusion Detection Systems and provide support for investigation or incident management
- Define penetration testing criteria and lead testing efforts
- Perform forensic analysis as needed
- Define appropriate security controls for new and existing technologies
- Assist in implementation of security tools as required
FUNDAMENTAL REQUIREMENTS
- Advanced working knowledge of and 12 or more years of professional experience working in Information Technology with a focus on Information Security from an operational perspective for more than 5 years
- Thorough, in-depth knowledge of and experience with TCP/IP and networking as it relates to information security including firewall, router, load balancer, and other network infrastructure
- Full understanding of Intrusion Detection and Prevention from both the network and host levels; ability to understand threat data and how to apply controls in this area
- Full understanding of vulnerability scanning and analysis of outputs; ability to understand real from false positive observations by understanding the vulnerabilities as well as the network infrastructure
- Previous experience performing penetration testing
- Previous experience performing forensics and working on an incident management team
- Full understanding of application level security and the associated vulnerabilities and controls
- Meticulous attention to detail, excellent written and verbal communication skills, ability to handle multiple priorities and work both independently and in a team environment
DESIRED QUALIFICATIONS
- Information Security certification beneficial
REQUIRED SKILLS:
- Microsoft Windows Server 2003, 2008, 2012
- Microsoft Exchange Server 2010
- Microsoft Office Professional 2010
- Windows Active Directory, LDAP, WSUS
- Cisco network and VPN equipment
- VMWare
- SAN, DASD, NAS
- DS-3 Telecommunications, WAN, LAN, VLAN, SIP
- Cisco VOIP
- EMC Data Domain 2500, 4500 & Networker
- Orion SolarWinds Monitoring
- WSFTP & Move IT FTP Server
- SOPHOS
- QualysGuard
Required Experience:
-Advanced working knowledge of and professional experience working in Information Technology Required 12 Years
-Professional experience/focus on Information Security from an operational perspective Required 5 Years
-Experience w/ TCP/IP & networking as it relates to information security including firewall, router, load balancer & other network infrastructure Required 5 Years
-Full understanding of Intrusion Detection/Prevention from both network & host levels; ability to understand threat data & how to apply controls Required 5 Years
-Full understanding of vulnerability scanning/analysis of outputs; ability to understand real from false positive observations Required 5 Years
-Previous experience performing penetration testing Required 5 Years
-Previous experience performing forensics and working on an incident management team Required 5 Years
-Full understanding of application level security and the associated vulnerabilties and controls Required 5 Years
-Excellent written and verbal communication skills; ability to work both independently and in a team environment Required
-Information Security certification (CSSP, CFFP) beneficial Desired
Interview Process:
In Person |
