Location:: Matawan, NJ

Rates::$60/hr

Duration::3-6 months

Interview:: F2F

* IT Security & Compliance Analyst*


*Job Description: *





*Candidate Profile and Role:*

The IT Security & Compliance Analyst will report directly to the Global
Information Security Officer/Director.  The IT Security & Compliance
Analyst is responsible for the maintenance of information security
governance policies and procedures; monitoring compliance with company
 security policy; ensuring timely responses to client/customer RFP’s and
questionnaires; research and investigation of security alerts; providing
security awareness training and materials to employees; and assisting with
research and investigation of security incidents.


Responsibilities



·         Monitor and advise on information security issues related to
systems and workflow at company to ensure internal security controls are
appropriate and operating as intended across all platforms and teams.

·         Utilize SIEM technology to track, monitor, and report findings to
MGMT as needed.

·         Prepare responses, or assist with responses, to client RFPs and
information security assessments in conjunction with various teams within
the firm.

·         Coordinate and assist with remediation efforts resulting from our
external and internal vulnerability-scanning program.

·         Assist in maintenance, and training of company users on the
importance of privacy and security awareness.

·         Recommend updates to information security policies, as needed,
and assist in the maintenance of the information security policy library.

·         Assist in coordination of third-party annual application
vulnerability tests, SSAE16 SOC2/PCI/ISO 27000 series internal audits and
IT security assessment(s).

·         Participate in resolution of security incidents, and complete
after action reports to memorialize the findings.

·         Work closely with 3rd party service providers to ensure timely
delivery of products and services.

·         Assist with development and delivery of security awareness
training and materials.

·         Work with teams to assist and manage projects pertaining to the
Information Security Group.

·         Perform governance with multiple vendors within the information
security area, and infrastructure operations.

·         Work with application teams to assist in the remediation of
source code vulnerabilities utilizing HP Fortify 360.
  Requirements



·         Bachelor’s degree in computer science, engineering or equivalent
combination of education and work experience.

·         5+ years experience in information security

·         Experience in security policy development, application
vulnerability assessments and tools, compliance testing

·         Experience with SOC2, PCI, and ISO27000 series requirements and
validation processes

·         Strong background in security controls, application security,
network and system security, distributed  system recovery time objectives,
distributed systems administration, security auditing techniques  and/or
general computer controls

·         Must have strong analytical skills (i.e., technical and
non-technical problem solving skills)

·         Must have the ability to write effective memos, simple reports,
and documentation

·         Must have the ability to communicate technical and
security-related concepts to a broad range of  technical and non-technical
staff and management

·         Possess strong interpersonal and project management skills

·         High personal credibility and integrity

·         Certifications in one or more: CISSP, GIAC,CISM,CGEIT,CISA,CRISC

·         Working knowledge with the following solutions is helpful:

o    SolarWinds TriGeo Log Management SIEM tool

o    Nessus vulnerability scanning tool

o    HP Fortify 360

o    RSA-DLP technology

o    Mobil Device Management technologies





*Anubhav Sood*

*Sage Technologies Inc.*
 ------------------------------

*O: 732.767.0010 ext-501  M: 732-784-6489**   E: **as...@sagetl.com
<as...@sagetl.com>** Web: **www.sagetl.com* <http://www.pyramidci.com/>

Gtalk: <http://www.tresourceinc.com/> *anubhavtrg* | YIM: *anubhavtrg*

Linkedin:
*https://www.linkedin.com/profile/view?id=396375369&trk=nav_responsive_tab_profile*
<https://www.linkedin.com/profile/view?id=396375369&trk=nav_responsive_tab_profile>



*We nurture your talent *

-- 
You received this message because you are subscribed to the Google Groups 
"US_IT.Groups" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to us_itgroups+unsubscr...@googlegroups.com.
To post to this group, send email to us_itgroups@googlegroups.com.
Visit this group at http://groups.google.com/group/us_itgroups.
For more options, visit https://groups.google.com/d/optout.

Reply via email to