Job Title :Info Security Analyst Vendor Pay Rate :35/hr on C2C
City :Brown State :Wisconsin *Projected 9 month contract; opportunity to extend* *Job Description:* "Part of a team that establishes, supports and continuously improves the enterprise information security policies, practices and standards. Participate in on-going operational activities that serve to establish appropriate access to and provide the appropriate protection, confidentiality, integrity and availability of enterprise systems and data through effective security controls. Validate compliance with policies and standards that keep applications and infrastructure safe and secure from vulnerabilities. *Responsibilities:* · Provide timely and effective operational support of our information security tools, processes and practices. Partner with other support teams and vendors to resolve problems or implement new products or services. Use standard technology monitoring tools to monitor assigned environments and/or technical assets and identify/detect behavior outside of established standards. Escalate key security issues to the appropriate team to be addressed. Assist with security assurance testing activities. Assist with planning and design of cloud enablement and security standard development for cloud computing environments and services. · Review, analyze and respond to security events triggered through automated security monitoring systems. Validate and track security breaches, along with threats to logical information, while still allowing for appropriate access. Coordinate responses to information security incidents. Work to reduce information security risks by effectively administering the information security processes across the vulnerability scanning, anomaly detection, intrusion detection, security policy and forensic functions. · Monitor compliance with information security policies and practices and any applicable laws. Assist with internal and external security risk assessments, risk analysis and application or system-level vulnerability testing and reviews. Participate in the assessment of compliance with security regulations such as PCI, NACHA, NYDFS, etc. Participate in periodic application security health checks. Monitor and document vendor compliance with the company’s security requirements. · Assist with the research, development, continuous improvement, and implementation of security policies, procedures, standards, and processes based on compliance requirements and industry best practices. Document information security requirements, processes, and procedures. Enforce information security policies and procedures by reviewing security violation reports, investigating possible security exceptions and documenting security controls. · Prepare status reports on information security matters that are used for a variety of purposes - tracking and monitoring security breaches, forensic investigative activities, remediation plan management and risk management as well as compliance reporting. Effectively manage and prioritize ad-hoc reporting requests, scorecards and standard departmental reporting. Coordinate with internal team and external auditors to provide documentation of compliance assessments, support and remediation activities. · Maintain and develop knowledge of regulatory security trends, new security technologies and best practices. Conduct security and industry specific research to keep self and the firm abreast of the latest security issues and regulatory developments that may impact existing policies, procedures and practices. Participate in information security education and training and awareness activities for technology and business teams." *Required:* · Bachelor’s degree in Computer Science, MIS, or related field; or equivalent work experience. · 3+ years of experience in information security or related technical field. · Broad technical experience including systems analysis, infrastructure, application development, networking, and database design and administration. · Proven experience with capabilities that include identify and access management, threat and vulnerability management, governance risk and compliance, and data security management. · Broad hands-on knowledge of firewalls, intrusions detection/prevention systems, anti-virus software, data encryption, endpoint and cloud security architecture, and other industry-standard techniques and practices. · Broad knowledge of security frameworks such as COBIT, NIST, CIS, and ISO 27000 Series Experience with regulatory compliance such as PCI, NACHA, NYDFS, etc · Effective verbal and written communication skills that include the ability to describe highly technical concepts in non-technical terms. · *Preferred:* o 5+ years of experience in roles with increasing responsibility in the technical fields of information security and/or compliance applications. o Experience with endpoint, email, and network protection, advanced persistent threat, data loss prevention, and DevSecOps. o Certifications: CISSP, CEP, CISM, CISA, or CRISC; or equivalent security certification. -- *Ian Elijah* *Sr. IT Recriter * *Waynsys Inc* *(MWBE Certified)* *Direct: 732-733-4463* *www.waynsys.com* <http://www.waynsys.com/> *(eVerified) * Disclaimer: We respect your online privacy. If you would like to be removed from our mailing list please reply with "Remove" in the subject and we will comply immediately. We apologize for any inconvenience caused. Please let us know if you have more than one domain. The material in this e-mail is intended only for the use of the individual to whom it is addressed and may contain information that is confidential, privileged, and exempt from disclosure under applicable law. If you are not the intended recipient, be advised that the unauthorized use, disclosure, copying, distribution, or the taking of any action in reliance on this information is strictly prohibited. We are an equal opportunity employer with a diverse workforce. Note: Any resume submitted by Waynsys Inc is presented with the understanding that the candidate is being considered for your direct end-client (end-client is the company where the work will be performed). If there is any other company involved between the end-client and your company, please do not submit this resume without our written approval. If you submit the resume to another third party, Waynsys Inc reserves the right to work with the third party directly. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/android-developers/CAMjVX05YO7kTf6eatFtCu4qakufQCDe_fVqemQexiaw_3DbmZQ%40mail.gmail.com.
