职位描述:
Summary:
This individual will work with the internal business and external customers as an information security and controls subject matter expert. Assist customers in the design of technical and administrative controls, security architecture and policy solutions. Work with team members globally on the deployment of security technologies and team projects involving small to medium, multi-functional systems. Should have a strong interest in researching all aspects of IT Security threats ?application vulnerabilities, network attacks, viruses, etc. Desire to develop a firm understanding of the application of security concepts across a broad scope of areas including data communications, network design, operating systems and application development. Assist customers in defining work processes, system requirements and provide guidance on Security and IT Control best practices. Candidate should possess strong written and verbal communication skills with the ability to interface with individuals from IT, business, and external customers and the ability to communicate complex, technical issues at a high level to customers.
Education and Experience Requirements:
Education Experience
?Bachelors or Masters Degree in Computer Science or Management Information Systems.
Functional Expertise
?Strong background within various operating environments - Microsoft Windows (Servers and Desktop), UNIX and/or network systems.
?Knowledgeable in the concepts of OS system security.
?Experience in programming technologies (experience preferred in at least some of the following ?C, C++, Java, Perl, PHP, HTML, UNIX Shell Scripting, SQL.
?Solid understanding network security, TCP/IP, routing and basic concepts in network design (LAN and WAN).
?Ability to learn and perform risk-based design reviews and analysis throughout the product development life cycle beginning at the requirements stage on through system deployment.
?Project management skills ?capable of working independently and able manage multiple tasks through to completion.
?Basic knowledge of best practices within IT Compliance and IT Security Policy.
?Solid understanding of databases, application and web server design and implementation
?Understanding of security technologies: firewalls, VPN, Anti-virus, IDS.
?Knowledgeable with various encryption technologies: IPSec, SSL, certificates, public/private key, PGP
?Basic understanding of IT Audit processes and procedures.
|
