Security Analyst

Virginia  ‐ Onsite
This project has been archived and is not accepting more applications.
Browse open projects on our job board.

Keywords

Description

Security Analyst
Reston, VA

Experis is seeking a Security Analyst for our client in Reston, VA.

Responsible for the planning, design, and auditing of security policies and procedures which safeguard the integrity of and access to systems and electronic information in order to guard information against accidental or unauthorized modification, destruction, or disclosure. Confers with management, developers, auditors, facilities and other business unit personnel to identify and plan security for data, software applications, hardware, telecommunications, and computer installations. Provides risk assessments and security briefings related to security issues. Develops IT security awareness programs and activities, and advises resource owners on formation of appropriate security policies.

The role of the Security Analyst is to safeguard confidential information assets stored or managed across the organization. The scope involves information technology security, and identification of key security initiatives and standards. Specific initiatives include support of the client Security Program; functional services (Privacy and Confidentiality; education, awareness and training; contracts security due diligence; product standards; advisories and bulletins; and overall security compliance.

ESSENTIAL FUNCTIONS/RESPONSIBILITIES:

  • Acts as an advocate of information security and privacy programs across the organization.
  • Develops and implements security standards, tactical processes and procedures, and guidelines for multiple platforms and diverse systems environments (eg corporate, distributed computer and Client Server systems) that are consistent with initiatives and weighs appropriate risk and value with cost that can be leveraged across the organization.
  • Identifies regulatory changes that can affect information security policy, standards, and procedures to recommend appropriate security program changes.
  • Provides technical expertise and support to clients, IT management, and staff during risk assessments and the implementation of appropriate information security procedures and products.
  • Participates in the development, testing and implementation of security review plans, products and control techniques.
  • Participates in investigations of suspected information security misuse or compliance, and recommends appropriate corrective actions for information security incident response.
  • Tracks, documents and publishes security notifications related to supported systems software and hardware and classify unresolved security exposures to management.
  • Develops and performs awareness presentations and train information owners in the appropriate use of information and in the implementation of necessary computer security controls and/or systems.

Required Skills:* MINIMUM QUALIFICATIONS
Seven plus years in a computer related field, with at least three in Information Security in an enterprise tactical and strategic setting.
Bachelors Degree in Business, Management, or Computer Sciences, or equivalent prior work experience in a related field.
Min. 3 years working experience in the application and use of industry standard information security systems and methodologies.
Operational, tactical and strategic understanding of security products and concepts such as Firewalls, VPNs, IDSs and other security devices.
Current CISSP security certification.
Experience in designing or implementing enterprise security architecture models and frameworks.
Willingness/ability to work off-shifts (evening, night-time, weekend)
Knowledge of risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies, and security attack pathologies
Must have the ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff, security vendors, consultants and senior management.
Tactical and strategic experience with security program development or management.
Knowledge of application level security.

Start date
11-14-2011
Duration
6 months+
(extension possible)
From
Generic Network
Published at
29.10.2011
Project ID:
260957
Contract type
Freelance
To apply to this project you must log in.
Register