Job Description :
Location: Warren, NJ
Duration: 6 Month Project

We are in the process of implementing Qualys for internal scanning. We currently use Qualys for external scanning today but the new purchase will be a replacement for McAfee MVM and requires certification from our engineering team (CATE) which we are looking to expedite.

This is an engineering position responsible for the design of a robust scanning architecture that extends across multiple regions and devices. The engineering efforts shall be fully traceable to functional and non-functional requirements, defining security configurations, gaining stakeholder acceptance, creating test plans and executing test steps under the guidance of Citi HSE for independent validation.

The recourse for this role must be able to work within a highly regulated and controlled IT environment. Ideal candidate will meet the following specifications and have 3-5 years of experience in the following areas:

Must have expert knowledge of the PCP platform, the scanner servers and the agent components
Must have expert knowledge of the Qualys support model
Must be able to map Citi Information security requirements to all components within the Qualys solution and identify gaps
Must be able to show how each of the Qualys controls can meet Citi Information Standards & various other Citi Technical Standards
Must be familiar with information security concepts and products
Must have strong IT/Technical skills (understanding of software, hardware, networks, etc
Must have strong technical documentation skills
Must have a sound understanding of the principles related to change control
Must be able to create detailed requirements and test plans for the PCP, scanner servers and agents
Must be able to provide a third level support for the Qualys solution
Must be able to follow the CATE Technology Development Life Cycle which details the tasks needs to perform certification
Must follow issues through to resolution on a timely basis.
Must be able to work under pressure and with tight deadlines.
Must have a strongly understanding of the concept of segregation of assets, roles, privileges, change reconciliation, password management, key management, change reconciliation, log reviews and reconciliation.
Must be able to provide expert advice on the design of a global solution
Must have experience developing, testing, customizing and troubleshooting information security systems and solutions to ensure protection of IT assets, business functions and requirements.
A sound knowledge of encryption algorithms and peripheral technologies is an advantage
Proficient in MS Word, Excel, and MS PowerPoint to produce metrics charts.
Proficient in MS Visio to produce process, design and architecture diagrams.
Proficient in basic UNIX administration.
Proficient in basic Windows administration