The Information Security Consultant will be responsible for:
- The operation and management of the technical security compliance tools for client’s distributed systems infrastructure.
- The daily operation and management of the network-based vulnerability scanning application.
- Creating SOP documentation for the management of the compliance, vulnerability scanning, and event management tools.
- Operation and maintenance of the compliance monitoring and vulnerability scanning applications and toolsets
- Daily review of compliance reports
- Managing the daily ticketing process for non-compliance messages
- Weekly review of vulnerability scan reports
- Application monitoring, support, troubleshooting
- Create and modify new Symantec ESM compliance policies to align with approved security baselines
- Assist in the deployment of ESM agents across all platforms (UNIX, Windows, VMS, AS/400, etc.)
- Work directly with infrastructure team members to resolve agent communication problems, remediate non-compliance messages and vulnerability scan findings
- Create documentation for core processes and procedures for each of these operations.
- Minimum 1 year experience security compliance monitoring
- Minimum 1 year of experience with network vulnerability scanning and management
- Experience with systems compliance tools such as Symantec ESM
- Experience mapping security baselines, best-practice and related documents to technical security checks
- Experience with vulnerability scanning methods, tools, procedures, and protocols
- Experience writing technical documents such as Standard Operating Procedures, workflow diagrams, network drawings, etc.
- Experience as a Windows systems administration (required)
- Experience as a UNIX systems administration (preferred)
- Possesses strong individual work ethic and team participation
- Effective written and verbal communication skills
- Good interpersonal and organizational skills, as well as phone and customer service skills
- Problem solving skills with regards to technology and complex environments
- Knowledge of OS and application security fundamentals
- Scripting or programming skills (VBScript, PERL, C, etc.)
- Ability to analyze metrics and develop trends
Degree in a technical discipline or related experience preferred
- CISSP, GCIH, or similar industry certifications
Builds Strong Partnerships; Communicates With Impact; Demonstrates Customer Focus; Demonstrates Openness; Integrity and Trust; Embraces Innovation and Change;
Ensures Operational/Process Excellence; Aligns Performance for Success;