Job #: 795
Title: IT Security – White Plains
Position Summary: This position is responsible for:
· maintaining security controls;
· conducting vulnerability assessments against web applications and infrastructure; and
· the oversight of maintenance of IT security monitoring systems.
Major Job Accountabilities:
§ This position will be responsible for security event monitoring, vulnerability assessments, web application penetration tests, integrity checking, and maintaining necessary standards, controls, and procedures.
§ Perform enterprise risk assessments of IT projects, issue findings and track to resolution.
§ Audit existing systems, including Windows and Linux servers and workstations, Cisco and Juniper network devices, internal web applications and other systems for vulnerabilities and compliance with minimum security baselines. Identify remediation plans or compensating controls for vulnerabilities.
§ Perform penetration testing on applications and infrastructure and recommend action plans.
§ Review patch releases from vendors including Microsoft, assess risk, and recommend actions in response to patch bulletins. Work with the System Operations group to orchestrate patch deployments.
§ Participate in Security Architecture Reviews and provide input into ongoing security design of the network. Research and recommend solutions for maintaining and developing a secure architecture.
The position will encompass maintaining integrated programs to protect the integrity, confidentiality, and availability of the organization’s technology infrastructures and information resources. Review existing applications periodically and new applications prior to installation to ensure that the applications adhere to IT security policies and procedures. Perform detailed risk analysis assessment of applications, networks and systems.
§ Oversee and maintain the ArcSight ESM and Logger environments, ensuring operational availability and performance.
§ Monitor security alerts from ArcSight SIEM across a 1500+ user WAN for potential intrusions and policy breaches. Monitor ArcSight reports and alerts and escalate incidents to operations teams. Additionally, the Security Analyst will be responsible for creating new SIEM content as needed upon emergence of new applications, threats, and policies.
§ Respond to security incidents related to servers and network devices. Perform regular security audits of critical information security systems and generate appropriate supporting documentation. Perform comprehensive security reviews of applications addressing all layers. Monitor performance and activity of information security systems and services.
§ Participate directly in the resolution of security incidents and understand common Windows vulnerabilities and exploits. Perform network and host-based vulnerability scanning.
§ Provide guidance and education to other groups within the Information Technology function, including Infrastructure Architecture, Application Development, Network Operations, System Operations, and Help Desk.
§ Provide off-hour support as required.
§ The qualified candidate must have at least 5 years’ experience working with the Network Infrastructure and at least 5 years’ experience in IT security controls and monitoring.
§ Proficiency in both Windows and Linux is required.
§ Proficiency with Active Directory security and administration is required.
§ Proficiency with secure configuration of IIS and Microsoft SQL Server is required.
§ Experience implementing and administering PKI, digital certificate technology including CA management, SSL encryption and key protection is preferred.
§ Experience with the following products is desired: Riverbed Cascade, ArcSight ESM and Logger, Tripwire, Blue Coat, Rational AppScan, Burp Suite, Qualys, Nessus, Snort, FireEye, McAfee ePO, Lumension, Cisco IOS, and general network security management and logging applications.
§ Experience with wireless security auditing and wireless security controls is desired.
§ Experience assessing and implementing security mechanisms and monitoring systems.
§ Working knowledge of the configuration and operation of Cisco network devices including ASA firewalls is desired.
§ Experience analyzing security events and differentiating between incidents and non-incidents.
§ Strong understanding of the TCP/IP protocol suite, OSI model, and network services such as DHCP and DNS; layer 2 and 3 networking technology and protocols.
§ B.S. degree in Computer Science or related field and/or 5 to 7 years of related experience.
§ Excellent oral and written communication skills.
§ CISSP or GIAC (GSEC, GCIA, GCFA, GCIH, GCWN) or similar certification strongly desired.