Job Description :
Any visa/tax term

*Senior Information Security Analyst*

*Location:* San Jose, CA

*Duration:* 6-month CTH

*Salary:* $125K135K.

looking for a security analyst who has good experience working with the
SIEM, IPS, DLP, and vulnerability scanners. This position will also require
that the candidate have worked in a SCADA environment as we are one of 16
critical infrastructures (i.e. water The SCADA piece is hard to find
SCADA environment will follow NIST framework while business network will
follow ISO 27002 (eventually We need to be SOX and PCI DSS compliant.

*Summary*

The Senior Information Security Analyst plays a pivotal role in securing
and protecting the Company s Industrial Control Systems (ICS) and corporate
network that are responsible for providing drinking water to approximately
two million customers. This position is part of the I.T. Security and
Compliance team and will work closely with the Network Architecture and
Engineering teams to ensure the proper detective, incident response, and
recovery controls are in place to protect the Company s infrastructures. In
addition, the position will act as the project manager and/or technical
lead on initiatives related to software/hardware implementation, security
audit, training, and policy/procedure definition. This position is located
in San Jose, California and will require some travel.

*Essential Job Functions:*

Define requirements, implement and maintain National Institute of
Standards and Technology (NIST) compliance for all applicable systems
Define logging aggregation, alerting, patching, backup and
restoration capabilities for Industrial Control Systems (ICS), and the
corporate network
Performs threat hunting, triaging, and reporting information
security events
Define and implement privacy and protection of personally
identifiable information
Assists with maintenance of IT General Controls (ITGC) SOX and
Payment Card Industry (PCI) Data Security Standard (DSS) compliance
efforts
Assists with ISO27002 compliance certification efforts
Documents security procedures and train users on such
procedures
Conducts annual table top exercise and provide user security
awareness training
Implement and manage Data Loss Protection (DLP) and vulnerability
management program
Performs information security policy review for third
party/vendor relationships and monitor the service level agreements per
agreed upon terms
Leads the security incident response team through all remediation
and recovery phases include working with law enforcement
Assess and implement physical security perimeter and entry
controls
Assists with IT Operations request as necessary
Participates in and supports the Company s Continuous Improvement
program and projects
Performs other similar duties as assigned
*Minimum Qualifications:*
Bachelor s degree in Computer Science or equivalent relevant
experience
Strong understanding of enterprise, network, system, and
application level security principles
Working knowledge of NIST, ISO 27002, and/or other security
frameworks
Familiarity with Industrial Control Systems in relation to
utility practices for operational technologies and service delivery
Excellent troubleshooting skill
Solid written and verbal communication skills
Ability to project manage and can successfully complete projects
from inception to closure
Global Industrial Cyber Security Professional (GICSP)
or Certified Information Systems Security Professional (CISSP)
certification is highly desirable
Valid California Driver License