SUMMARY: We are looking for an individual with experience installing and administering Websense and Tripwire, working with Active Directory, as well as taking on daily audit and compliance activities. This will start out as a contract then be converted to a perm position at about the 3 month mark. They DESIRE to hire someone.
REQUIRED SKILLS: - a good mix of recent network and systems administration - experience installing and administering Websense and Tripwire - hands-on and consistent use of security tools such as Websense, Tripwire, Trend Micro, Snort or other IDS, SIEM tools - hands-on experience with Linux (Suse preferred) and Microsoft - hands-on experience with networking and configuring Cisco ASAs, IDS/IPS, NAC, DNS - thorough understanding of AD and LDAP - A working knowledge of Apache, HTML and web-based technologies and applications - experience conducting and documenting formal risk assessments, audits for PCI DSS (some HIPAA and SOX preferred) - experience with MS Visio, Excel, Project - experience managing projects related to planning and execution of security technology deployment and audit remediation
JOB RESPONSIBILITIES: determining security requirements, developing, implementing security procedures based on established policies, identifying and establishing security monitoring, reporting and control activities, and working effectively with internal IT departments as well as other business units. Maintains systems to protect data from unauthorized users. Identifies, reports, and resolves security violations. Responsible for design and implementation of Active Directory, including tree structure, interfacing with developers to facilitate LDAP connectors with both 3rd party and in-house developed applications.
ADDITIONAL RESPONSIBILITIES: • Participates in providing after-hours, weekend, and holiday support as required • Review security requirements for application deployments including system upgrades, implementations and integrations • Lead in enhancing application security based on the latest industry best practices/guidelines • Act as the project sponsor for application security related initiatives. Provide security requirements to projects sponsored by other areas of the organization. Involves presenting overall application security approach and determining individual security requirements • Assist in the development of Security Policies and Procedures for appropriate management and internal control • Work with business users to understand functionally how the business process is served by the application. Ensure application security architecture supports the business process • Work with the IT Infrastructure groups to develop plans for ongoing monitoring of security access and user activity to proactively detect and resolve security risks • Create standards for system development that ensure application security • Maintain existing security definitions within the application • Troubleshoot problems experienced by users/IT support groups related to security access • Other duties as required
EDUCATION: High School or equivalent; BS degree or equivalent experience A+ and MSCE or higher certification or equivalent experience CISSP or CCSP Certification or equivalent experience
EXPERIENCE: 3+ years in Security Analyst or related role working with Websense, Tripwire and Active Directory.
SPECIAL SKILLS: • Demonstrated experience with the design and implementation of change management processes including but not limited to System Development Lifecycle, tools, standards and techniques • Demonstrated project management skills, including the ability to facilitate and lead discussions • Extensive experience with LDAP, Active Directory, and certificates • Understanding of SQL, Visual Basic, shell scripting, Oracle, Windows, Cisco, Java environments • Proficient in information security tools such as Cisco, Snort, OSSEC, Nessus, Tripwire • Excellent verbal and written communication skills