Job Description :
Hi,
Greetings for the day.!!!!
We are actively looking for IT Security Advisor/ Security Consultant/ Risk & Compliance Consultant at Miami, FL??????.
Location - ???????? Miami, FL??????
Mode - Long Term Contract
Positions:
?
1. IT Security Advisor
2. IT Security Consultant
3. Risk & Compliance Consultant
Position: 1- IT Security Advisor
Under general supervision develops and implements enterprise security solutions to mitigate information systems risks and vulnerabilities for the Corporation. Configures and analyzes security tools and software. Coordinates with IT and end users to minimize disruptions and protect assets. Provides information security recommendations to management in support of business strategies and goals. Aids business partners in administering a world-class vendor and third parties data security and compliance program. Provides guidance to those in less senior positions.
Job Description :
Identify and recommend mitigation of information systems risks and vulnerabilities for the corporation
Provide information security recommendations to management in support of business strategies and goals
Acquire information security metrics, implement models that leverage metrics data to provide business value
Participate in security incident response investigations that involve computer crimes and require log, forensic and malware analysis
Ensure infrastructure is designed and architected securely in accordance with policy, standards and compliance regulations
Review and develop security architecture and process for applications
Assist in the formulations and ongoing maintenance of enterprise information security standards and guidelines provide interpretation and guidance for it employees to ensure business needs are met in a secure fashion
Aide business partners in administering a world class vendor and third parties data security and compliance program
Knowledge / Skills / Abilities Considered a Plus
Experience with one or more of these information security domains:
1. Endpoint
2. Host
3. Network
Certifications include certified information security professional (CISSP) and other domain specific certifications.
Support implementation, support and maintenance on security tools for? ?:
1. Web Content Filtering
2. Anti-Virus / Anti-Malware
3. Incident Response & Investigations
4. Log Monitoring
5. Application Whitelising
6. Network Mapping
7. Threat Intelligence / Detection
8. Security Intelligence Center
9. Anti-Spam
10 .Log Monitoring
11. Intrusion Prevention / Detection
12. Firewall
Support Incident Response tool and investigations
1. Provide support for incident response and investigations as needed
2. Provide on-call support for ISIRT (Information Security Incident Response Team)
Support new tools and processes for FY17 and other miscellaneous requirements:
1. Administrator Privilege Management
2. Device Authentication
3. Cloud Security
4. Mobility
5. Network Security Architecture
6. Security Operations Center
7. Provide support for the ISPA Lab
Provide support for the FIRST process
Perform AVERT support functions for Host and Endpoint Security vulnerabilities
Provide on-call support security team.
Position: 2- IT Security Consultant
Job Description:
Information Security Engineer would primarily be responsible planning, execution, and management of multi-faceted projects related to security assurance, risk management, cyber-security, data security, application security, network security and infrastructure/information asset protection. Reviews assessment progress against established goals, objectives, service level targets and project milestones.
Key role would be to engage in with client to review and advise on enterprise IT Security landscape.
Primary Responsibilities:
Perform Business Impact Analysis of different projects in flight and upcoming from security perspective
Evaluate each project against Security practices and provide a Security Architecture Score rating
Evaluate the efficiency, effectiveness and compliance of operation processes with corporate security policies and related government regulations
Evaluate Vulnerability Assessment results based on the industry wide Application Security Threat Models like ASF, STRIDE and Risk Assessment model like DREAD
Perform Privacy and Security Policy Impact Security Architecture Assessment
Provide technical solutions to mitigate the vulnerabilities identified during threat modelling and vulnerability analysis
Additional Responsibilities:
Should support in educating and strengthening the operations team with relevant education to promote Information Security practice within the organization
Experience:
Should have minimum of 10 years of experience in IT networking and security consulting.
Experience of at least 5 years in Risk & Compliance solutions and services is a must.
Capabilities and Certifications:
Should have good understanding of Mobile Device Management and Security.
Should have good understanding of various Cyber Security Frameworks.
Good understanding of Web application architecture and security framework.
Deep Understanding of various Application Threat Models and their applicability to existing and upcoming applications.
CISSP or equivalent Information Security Certificate is must; ISO27001 LA/LI, COBIT Foundation etc would be a plus.
Should be well versed with operating systems like Microsoft Windows and Unix Flavors, Database and Applications environment.
Must Demonstrate Good Communication and Presentation Skills and Project Management Skills.
Position: 3- Risk & Compliance Consultant
Job Description:
The Risk & Compliance Executive would primarily be responsible for supporting the Compliance, Risk and Audit initiatives of the client for Client’s Compliance Services. He / She would also be responsible for providing inputs to the client with respect to the IT Audits, IT Risks & IT Compliance for the services at the client. Key role would be to engage in Compliance Assessment & Risk Management Projects and foster the relationship to improve the engagement experience of the client through trusted consulting.
Primary Responsibilities:
Handle technical and business impacting aspects of Information Security Risk areas comprising of Audit / compliance, IT, Operational and Legal Risks.
Participate in and Execute Risk Assessment and Management Program
Should be able to resolve Risk and Security solutions / issues and work with Security team to bring them to closure.
Should be able to deliver on Assessments & Audits.
Would need to work with the operations team and the SDMs to ensure right oversight is created ad maintained with respect of the Audit, Risk and Compliance
Work with teams demonstrating the core team values and Adhere to the Policies and Practices of Client as well as HCL.
Experience:
Should have minimum of 10 years of experience in IT networking and security consulting.
Experience of at least 5 years in Risk & Compliance solutions and services is a must.