Title: Information Security Analyst with PCI Compliance
Duration: 6+ months
Location: NYC
Job Description:
Looking for someone who is very familiar with PCI that can drive towards remediating compliance.
Would like someone who has a Network background.
Familiarity with MacAfee Product line.
Implement and manage a comprehensive Information Security Program based on ISO 2700x Framework
Participates with the Information Security team to plan, develop and execute vulnerability assessments and penetration tests.
Configures enterprise vulnerability assessment and penetration testing tools, performs internal/external scans, analyzes detected vulnerabilities, identifies the relevant threats and eliminates false positives through manual validation.
Uses application development, code review and database skill set to demonstrate how vulnerabilities are exploited.
Generates reports on assessment findings and summarizes them to facilitate remediation tasks for other operational teams.
Recommends security controls and/or corrective actions for mitigating technical or business risk.
Prepares reports and metrics on the status of completed assessments, progress of remediation actions and performance of the assessment tools.
Creates and updates documentation for the vulnerability and penetration testing process; including procedures on using the assessment tools, appropriated configuration settings, implementing process enhancements, and validating vulnerabilities.
Assists in conducting security reviews of new and existing applications.
Maintains an awareness of existing and proposed security standards, industry best practices, legislation and regulations pertaining to information security and recommends appropriate changes.
Identifies process improvements, prevent/anticipate problems and focus on continuous improvement from manual to automated processes.
Work with Service Desk, Engineering and Development teams to provide security governance, create policies, Guidelines, Standards and Procedures to ensure the confidentiality, Integrity and availability of the NFL Information Program.
Incident Response handling
Bachelor degree in related discipline preferred; Information Security and control certifications preferred in one or more of the following; CISSP, CISA, PCI QSA
Technical experience in security aspects of multiple platforms, operating systems, software, communications, LAN/WAN, wireless, VPN and network protocols.
Very good knowledge of network architecture, perimeter structure and design.
Experience with using vulnerability assessment tools such as; Nessus, Qualys, Metasploit, NMap, AppDetective, WebInspect, Fortify.
Good understanding of information security standards, frameworks and best practices from; ISO2700x, OWASP.
Ability to evaluate system designs for compliance to PCI, HIPAA, ISO guidelines.
Familiarity with MacAfee EPO, endpoint solutions ie (Anti-Virus, HIPS and Firewall solutions), Cisco Routers and Switches, Checkpoint Firewalls, VMware, Microsoft, PKI and Encryption.
Regards
Kevin Brooks
Amtex Systems Inc.
50 Broad Street, Suite 801
New York, NY-10004
Cell: 917-463-4086
GTalk: amtex.kevinb
E-mail: kevinb@amtexsystems.comYou received this message because you are subscribed to the Google Groups "US Jobs: Requirements, Clients and Consultants" group.
To unsubscribe from this group and stop receiving emails from it, send an email to recruiters-r-us+unsubscribe@googlegroups.com.
To post to this group, send email to recruiters-r-us@googlegroups.com.
Visit this group at http://groups.google.com/group/recruiters-r-us?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
No comments:
Post a Comment