Due to continued growth, we are looking to add a Senior Network Security Consultant. The optimal candidate will be a senior level network security engineer with SIEM ,IPS, Log Managemet, Perimeter Security Control Experience. Primary responsibilities include
project based engineering, designing, installing and troubleshooting data/security network infrastructure for customers. Additional requirements include creating and updating network documentation, network assessments and reporting results.
Minimum 5-8 years in GRC, IT Audit, or IT Security and Risk required -Professional Certification such as CISA, CISSP, SANS, CRISC strongly preferred -Regulations & Standards: ISO 27001/2, COBIT, GLBA, HIPAA, SOX, PCI -Direct experience or exposure working
with a wide range of operating systems, applications and databases: UNIX, Mainframe, Wintel Operating systems; Oracle, DB2, SQL database platforms; web application architecture, the .net and classic programming languages, information security and risk, regulatory
testing requirements, application and database attacks and malware, penetration and vulnerability testing and applications. -Experience with MS word, Excel, Access, PowerPoint, SharePoint.
The Security Consultant will work independently to review complex IT internal controls across IT Organization in mid to large enterprise organizations. Have hands-on capabilities with the following tools used to assess security vulnerabilities:
- Saint Vulnerability Scanner/Penetration Suite
- SQL Injection
- Accunetix Web Scanning
- OpenVas Vulnerability Scanning
- Nessus 4.0 Professional Feed
- Canvas V2.0
- Clearly document his/her work and associated findings such that executive management and non-technical colleagues would easily be able to understand its content.
- Assist with the development of Security Architectures from a People, Process and Technology perspective
- Manage multiple engagements.
- Ability to engage the client within enterprises at all levels of management to discuss key controls/mitigating controls.
- Identifying process weaknesses and recommending changes to improve process controls and compliance
- Ability work with solutions such as S.I.E.M, Firewalls, IPS, IDS, DLP, IAM, etc
- Experience designing, installing, configuring, and troubleshooting two or more of the following Cisco security technologies: Identity Services Engine (ISE), NAC Appliance, NAC Framework, ACS, 802.1x,
ASA, IPS, Cisco Security Manager (CSM), VPN, AAA
- Minimim 5-7 years of experience in the design and deployment of technical security controls such as:
- Firewalls from Check Point, Fortinet
- Network IPS’s from ISS, Tipping Point, RSA or Cisco
- Host Intrusion Detection solutions from Tripwire, ISS,
- VPN solutions from Cisco, F5
- End point security solutions ( CA eTrust, Mcafee, Zonelabs)
- Network Access Control (Cisco, IEEE 802.1X, Juniper)
- Identity and Access Management
- Data Loss Prevention
- Ability to analyze NetFlow data to determine flows that drive Firewall Policies
- Ability to consult on Policies and Procedures
- CCIE Security
- CCNP- REQUIRED at a minimum
- Similar Certifications from manufacturers such as Juniper, CheckPoint or Fortinet