Security and Applications Architect Job Offer

`Sr. Information Security Specialist -ApplicationsArchitect We are looking for a seasoned hands-on professional with good blend of Security and Applications experience who has expertise in Information security administration and governance, infrastructure security, embedding security practice into SDLC.DUTIES AND RESPONSIBILITIES: Security architecture, administration, and support for ongoing IT and Digital/Web initiatives at our clientResponsible for facilitating protection to Companys information technology IT systemsSecurity risk assessment, recommending remediation and hardening for infrastructure and applicationsDevelop and facilitate deployment information security governance documents: policies, frameworks, programs, procedures, and auditsDefine, develop, and implement security models around Business Data Classification and Intellectual Rights ManagementDeploy and maintain proactive monitoring security threats and vulnerabilities to identify and prevent potential intrusions, initiate usage security information event management approaches and toolsPlan and participate in security projects. This may include i managing joint development with 3rd parties, ii providing guidance with other departments to the engineering and QA teams, iii ensure and deploy as required, security solutions, best practices, etc.Conduct compliance reviews, evaluating internal controls both for business segments and for business applicationsPerform information security compliance assessments, review alignment of security controls with applicable regulatory laws and governing documentsDevelop and maintain Information Awareness framework, process, and trainingMonitor and observe InfoSec relevant sources media, InfoSec providers ; provide assessment and prepare recommendations to address emerging threats, vulnerabilities, technologies, and solutionsProvide Site Security Assessment of enterprise premises and Third parties, including incoming Cloud deployments, like SaaS, IaaS, PaaSGeneral Skills: ArchitectureFive years+ of experience as a Security Specialist including business, application, and infrastructure securityThorough understanding related security aspects for N-tier application architecture, web based applications, applications in cloud, mobilesThorough conceptual understanding authentication, authorization, data confidentiality, non-repudiation, integrity, and audit loggingExpertise in related governing Information Security standards and documents, like SOX, PCI, COPA, Safe Harbor, ISO-27001Good understanding Web Service Security and relevant standards like OWASPDeep understanding security policy best practices. Should have experience in developing security governance documents for an enterpriseAn expert understanding identity management and Role based access controlDeep implementation experience in SSO, password management, and certificate managementThorough understanding network security: TCP/IP, DNS, DMZ, Firewalls, Web Application Firewalls, Intrusion Prevention Systems, best practice design and deploymentKnowledge and experience addressing security challenges in virtualized, cloud, mobile environmentsExperience with DLP, IRM, MDM Mobile Device Management; familiarity with CSA Cloud Security Alliance works and governing documentsDocumenting skills, ability to use efficiently MS Office applications Word, Excel, Outlook, Visio.InfoSec Certifications - SANS and another major one like CISSP or CISM with credentialsThorough understanding, hands-on skills and experience with following products and technologies: Network and application firewalls web app firewalls, XML firewalls, database firewalls, Intrusion Prevention, Network Malware Detection, Network Anomaly Detectionsecurity event management and architecture of SIEM productsSecure coding best practices in applications development and custom codes, including PHP, ASP, Java, C#, etcJ2EE, Tomcat application server security, web server IIS, Apache security, proxy servers etc.Windows and Linux security models, basic administration and auditdata encryption at rest and in transitbrowser oriented security concepts e.g. Tokens and risks e.g. XSSability to configure SSL, PKI serversLDAP server Oracle Directory Server - Sun One - preferred and Active Directory expertise including design of custom LDAP schema and general LDAP server administration; experience with bulk changes using command-line and LDIF/CSVDatabases Oracle, MS SQL server, MySQL - conceptual understanding, security auditVulnerability assessments and IT audit Nessus, BackTrackIncident response and digital forensics; understanding and handling Manual malware - analysis and eradication.Site Security AssessmentProgramming skills in any language , Scripting shell, PowerShell, VBscript, Python, knowledge of unix/linux command-line utilities for quick log analysis.Familiarity and experience with the technologies and concepts SSL/TLSSSOVPNForward proxies and reverse proxiesAnti-virusEnd point securityMobile device security More details Click Here: http://intermediagroup.catsone.com/careers/index.php?m=portala=detailsjobOrderID=3708636 Contact: Telephone: 2122480100 E-mail: sfleischner@intermediagroup.com

Views: 447