*Please submit resumes to go...@itlogix.com.* *Position: Information security Consultant*
*Location:Minneapolis,MN. * *Duration: 8+ Months * *Non-locals are fine.*** *Imp Notes: * *Position requires 50-75% travel and may include international travel as necessary.* ***Location in Minneapolis or Phoenix preferred, although position can be located anywhere within the lower 48 states, this excludes Hawaii and Alaska*** *Description:* This position is for an *Information Security Analyst* on the Site Review Team . *This Site Review Team (SRT) is responsible for assessing the Information Security risks associated with the use of a 3**rd** party vendors/suppliers. Analysts perform information security assessments spanning physical security, environmental, policy, procedure to more technical network and application testing.* *Primary responsibilities are to*: Review and understand *Information Security Policy and Procedure*; to examine and understand the *I.T. Infrastructure* of business partners of varying sizes; and to assess existing and *potential risk and determine if it is consistent with the polices and directives of corporate information security policies, industry best practices, and regulatory requirements*. Effectively *lead and conduct information security reviews and assessments of technical*, managerial, and operational functions, at various vendor locations within the United States and other countries as needed. Conduct multiple interviews with different levels of employees within an organization. *Provide leadership to projects assigned. Exercises sound judgment and influence senior business managers and peers*. Identify and evaluate information security risks within a business partnership and communicate findings to senior management. *Develops and implements security standards, procedures, and guidelines for multiple platforms and diverse systems environments*. Reviews the development, testing, and implementation of security plans, products, and control techniques. Investigates and recommends appropriate corrective actions for data security incidents. Provides security consulting and project management services on highly complex information security projects and issues. *Identifies security risks to the organization and ensures that appropriate data security procedures and products are implemented*. Maintains an awareness of bank security policies and *government regulations pertaining to information security*. Identifies regulatory changes that will affect information security policy, standards, and procedures and recommends appropriate changes. *Leads and directs less experienced staff.* *Minimum Qualifications: * - Excellent verbal and written communication skills and can effectively communicate with peers, customers, and various levels of management. - General business know-how; an understanding the financial industry and associated regulatory agencies. - Comprehensive understanding of *Information Security Standards and Best Practices; ISO 17799, BS 7799. Familiar with NIST or FFIEC Handbook. * - Understands how Information Security risks relates to business risks. - 5+ years of experience in *Information Security and/or the equivalent Audit experience related to information systems and operational functions. * - Extensive experience with multi-tier web-based applications, network architecture, and DMZ designs. - Analytical skills; must demonstrate an ability to decipher technical documentation (network diagrams and application flow charts), assess potential risks, and communicate relevant information to senior management. - *Technical skills; knowledge of Windows, Unix, Linux, mid-range or Mainframe system admin skills; understand DMZ architecture and network protocols and routing. * - Working knowledge of information security tools: NMAP, ethereal, snort, Nessus, dig, etc - Knowledge of information security architecture principles and firewall design & architecture *Preferred Skills: * - Bachelors degree in technology or business - *Information Security Certification (e.g. CISSP) or other related certificates * - *Audit experience and/or certifications * - *System vulnerability assessment and penetration testing experience is a plus * - *Understanding of Business Continuity or Disaster Recovery * - *Experience as a member of Computer Incident Response Team (CIRT) or Computer Response Team (CERT) * Thanks & Regards, Gopal IT Logix go...@itlogix.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "REQSRESUMES" group. To post to this group, send email to reqsresumes@googlegroups.com To unsubscribe from this group, send email to reqsresumes+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reqsresumes?hl=en -~----------~----~----~----~------~----~------~--~---
