Questa posizione non è più disponibile, ma ce ne sono altre Sicurezza offerte di lavoro
Marvel
Pubblicata
Chiusa
Sr. Security Specialist
Cosa comprende il lavoro
- Security architecture design, administration, and support for ongoing IT and Web initiatives
- Provide security protection to company’s information technology systems and data
- Security risk assessment and remediation for business processes, enterprise infrastructure and applications
- Conduct periodically risk assessments, vulnerability assessments and threat analyses to be able identifying and managing associated risks
- Develop and facilitate deployment of information security governance documents: policies, frameworks, programs, procedures, and audits
- Define, develop, and implement security models for Intellectual Rights Management, data confidentiality classification
- Proactively monitor security threats and vulnerabilities; event management and logging, identify and prevent potential intrusions using SIEM, DLP, IPS/IDS, other tools; advanced malware/Threat analysis and protection
- Plan and execute security related projects, e.g., deploying new security solutions and best practices, providing guidance to company’s engineering and QA teams
- Establish, monitor, evaluate and report key security performance and risk assessment indicators to provide management with accurate evaluation of the enterprise security state and the information security program effectiveness
- Compliance assessment and reviews; alignment of security controls for business processes and applications with applicable regulatory governing documents like SOX, PCI, COPA, Safe Harbor, ISO 27001, OWASP
- Develop and maintain User Security Awareness program,; organize and provide security training to employees, contractors, interns
- Monitor and study relevant media and specialized vendor resources, provide assessment and recommendations to address emerging threats, vulnerabilities
- Site Security Assessment of corporate premises, third parties, cloud services
- One of Major InfoSec Certifications (CISSP, CISM, SANS) is a must
- Information Security Architecture
- Integration with Business, Information, Technology architectures
- Securing business processes, applications, and infrastructure
- Security aspects for N-tiered application architecture and web based applications
- Authentication, authorization, data confidentiality, non-repudiation, integrity, audit logging
- Linux and Windows scripting, command line utilities (like Shell, Visual Basic, Perl, Python, awk)
- Security policies and best practices; developing governance documents, certificate management
- Identity management and role based user access control, end point security
- Password management and SSO implementation
- Network security, TCP/IP, DNS, DMZ, Firewalls, Application Firewalls (Web, XML, Database), best practice design and deployment; hardening hardware/software, secure VPN and FTP, Forward and reverse proxies
- Virtualized, cloud, mobile environments, MDM
- Security specifics in applications development and custom codes - PHP, ASP, Java, C# platforms
- Hardening J2EE, Tomcat, Web servers (IIS, Apache)
- Windows and Linux security models, basic administration and audit
- Databases (Oracle, MS SQL) – audits, data encryption at rest and in transit
- Browser security concepts (e.g. Tokens), risks (e.g. XSS); configuring SSL/TLS, PKI servers
- LDAP (Oracle Sun One preferred), Active Directory, including administration and design of custom LDAP schemas
- Vulnerability assessments and IT auditing
- Incident response and digital forensics experience
- Experience in organizing and leading projects with managed security service providers
- Assess and manage Third parties Security
Chiusa
Sr. Security Specialist
A tempo completo, A tempo indeterminato
Data di inizio:
Ultima data di inizio: