Description
Infosec Security Analyst - Birmingham, AL
Position Overview:
You will be responsible to increase the level of assurance of the integrity, confidentiality and availability of corporate information assets
Responsibilities:
- Implement and manage InfoSec separation of the client's RACF and Active Directory implementations
- Provide technical guidance to form and validate security solutions (Security Impact Analysis) 50%; Log Review and Analysis 25%, Vulnerability Management Support 25%
- Responsible for technology management, strategic planning, systems management, access controls, operations security, and telecommunications & network security
- Lead for all Information Assets Security issues and provide guidance in the development, implementation and administration of Information Assets security procedures
- Designs and implements audits of information systems to ensure they are operating security and data is protected as required by policy
Qualification:
- BS degree in Information Systems or related field or equivalent work experience
- 5+ years of experience with information technology this includes at least two of those years in information security
- 3+ years of experience in creating and updating baseline templates, managing nCircle processes for automated compliance
- 3+ years of experience in a position interpreting and communicating technical information orally and written
- Strong understanding of security issues, security feature administration, design and implementation of security solutions, monitoring of security environments in at least one of the following areas and should also have a good working knowledge in at least one other area:
- Windows, Unix and/or Mainframe environments including Windows Active Directory and supporting tools
- Vulnerability Scanning and Penetration Testing tools, VCM for RACF and zOS STIGs
- Application Security across multiple coding languages and supporting tools
- Log Review and Event Correlation and supporting tools
- Proxy Server tools
- Monitoring of security threats and generating management reports on security threats
- Knowledge of Risk Management and experience in applying risk management principles in a corporate IT environment is highly preferred