8300 Old courthouse road, Suite. 250, Vienna, VA - 22182
SECURITY COMPLIANCE ENGINEER
07-03-2012
SECURITY COMPLIANCE ENGINEER
Title: Security Compliance Engineer
Location: Scottsdale, AZ
Travel Required: None required
T&E Provided: Yes
Responsibilities:
The engineer will be responsible for the following:
- Understand contractual requirements with assigned customers.
- Deliver customer security solutions.
- Understand, communicate and administer established IT security policy.
- Assist solution design teams on technical specific security requirements.
- Contribute on a proactive basis to trend analysis and policy development.
- Review and approve change management and new customer requests from a security and risk management perspective.
- Second Level support for security related end user problems.
- Perform security trend and technology related research as necessary.
- Implement vulnerability, detection and protection security systems.
- Implement security audit gaps results into the build and implementation project phase.
- Define and realize plans concerning technical content and innovation in such way that will contribute adequately to the realization of Security Management.
- Assist in internal and external security audits.
- Review and when needed improve the Security Management process.
Qualifications:
Position Requirements: No clearance required.
Desired Education: Bachelor's Degree preferred.
Desired Experience:
- 3-5 years of experience working in systems engineering on a specific OS (AIX, Linux or Microsoft Windows) or storage infrastructure.
- 3-5 years of experience in Information Security with a focus of Security Management.
- Experience implementing patch management initiated Vulnerability Scans, IT Risk Assessment and Firewall/Server/Network devices baseline reviews.
- Expertise in Implementation of Security Needs: Audits, planning, design, implementation, testing, and management.
- Strong understanding for various IT security standards and practical experience implementing it within the IT framework of an organization.
- Strong understanding and practical experience of multiple compliance framework like ISO 27001, SAS70, COBIT, ITIL, SOX or PCI.
- Excellent knowledge in access management/controls and have working experience in implementing it by applying a model and/or using a tool or system.
- Competent in security strategies and technologies including operating systems security, secure network, web and database services, penetration testing, access control, system monitoring and cryptography.
- Experienced at implementing or managing risk management/methodology, processes and tools.
- Ability to evaluate enterprise-wide impacts and make recommendations to approach issues and mitigate potential risks to an acceptable level.
- Experienced with solving complex technical security issues through design of security controls within a development lifecycle, provide recommendations to operational processes in service delivery, etc.
- Experienced in handling challenging security incidents and participation in audit demands, communicate with internal & external customers management.
- Extremely process and detail oriented.
- Strong written and verbal communication skills.
Desired Certifications:
- Relevant security certifications are desirable but not mandatory, such as CISSP, CISM or CISA.
- General network certifications (CCNA, etc) preferred.