Job Description :
Role: Information Security Analyst (Cons)

Location: New York City (Local Candidates Only)

Duration: Long term

Mode Of Interview: Telephonic followed by In-person (mandatory)


Responsibilities

Partner with the Information Technology (IT) Department to remediate security alerts and respond to information security incidents that could potentially impact the network, systems and applications at the Client
Monitor security functionality (IDS/IPS and Endpoint) and report daily operational metrics; provide scheduled management reports on risk status of network infrastructure, applications, internet activity, email filtering, vulnerability management and security metrics
Maintain daily log monitoring services for Fund applications, databases, and network (IronPort, MSSQL, Oracle, SEP, QNXT, V3, AD, Cisco Firewalls, Core Switches, VPN)
Perform ongoing administrative tasks and partner with IT to ensure the upmost availability for systems (NeXpose, Metasploit, DLP, Varonis, and IDEA; provide SME support during DLP Email Implementation
Plan, test, and deploy IronPort HTTPS Policies & proxy cleanup to augment existing internet monitoring solution; partner with IT to validate existing physical network segmentation
Software Maintenance and Support. Application System Administration.
Manage Incident Response program including updates to standard, guidelines, procedures, classification, and escalation processes; maintain incident documentation and remediation tracking system.
Design, Deploy, and Maintain Security Incident & Event Management (SIEM), Database Activity Monitoring (DAM), and Database Vulnerability Manager (DVM) system; provide a lead role for endpoint and network security project initiatives
Perform additional duties and projects as assigned by management

Qualifications

Bachelor’s degree in Information Security or equivalent years of experience required; plus
Minimum three (3) years Risk Management experience required in an Information Technology environment or related discipline (Information Security, Business Continuity Management or Compliance)
Certified Information Systems Security Professional (CISSP) certification required; SANS and other InfoSec related certification a plus
Incident response experience required; IDS, IPS, Log Correlation Systems configuration and monitoring experience
Demonstrated experience with firewall and system configuration and event log monitoring required
Knowledge and experience with common information security management frameworks, such as International Standards Organization (ISO) 17799/27001 and the IT Infrastructure Library (ITIL), Control Objectives for Information and Related Technology (CobiT) and National Institute of Standards and Technology (NIST) frameworks
Excellent troubleshooting and analytical thinking skills
Superb communication, interpersonal skills and collaborative skills a must
Self-directed, self-starter, and motivated with the ability to work with minimal supervision
Must meet performance standards including attendance and punctuality
CISSP Required